Done http://jira.codehaus.org/browse/XSTR-764
-----Original Message----- From: Jörg Schaible [mailto:[email protected]] Sent: Monday, December 08, 2014 3:27 PM To: [email protected] Subject: [xstream-dev] Re: Validation of readResolve() result Hi Roy, Roy Zahor wrote: > Hi, > > I would like to suggest a small fix that would check that the result > of a > readResolve() call is not null. > > While developing with XStream, I forgot to return the object in my > readResolve() implementation, and the unmarshaling process continued > without throwing any exception, resulting with a null object. It took > me several hours to understand that the cause for a null object is my > wrong > readResolve() implementation. In this case I recommend to throw a > descriptive exception that will help the developer to understand that > something is wrong with their readResolve() implementation instead of > returning a null object. > > The suggested fix is to replace line 66 in SerializationMethodInvoker > from: > > return readResolveMethod.invoke(result); > to: > Object invokeResult = > readResolveMethod.invoke(result); if (invokeResult == > null) > throw new > ObjectAccessException(resultType.getName() + > ".readResolve() returned null"); > return invokeResult; > > Attached please find SVN patch file. I have run all unit tests and > they completed successfully after applying this fix. thanks for the feedback and the patch, but can you please raise an issue at jira.codehaus.org/browse/XStream to ensure that the patch does not get lost? You can open an account at xircles.codehaus.org (simple email account is *not* enough). It may take some moments until you new account is available in Jira then. THanks, Jörg --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
