Mantis - Hessian
Viewing Issue Advanced Details
4046 major always 05-22-10 19:55 05-22-10 19:55
zluspai  
 
normal  
new 4.0.7  
open  
none    
none  
0004046: Hessian serializer incorrectly serializes objects when field is overloaded
I've found this bug when serializing an ant's BuildException through hessian. The test case:

import java.io.ByteArrayInputStream;

import org.apache.commons.io.output.ByteArrayOutputStream;
import org.apache.tools.ant.BuildException;

import com.caucho.hessian.io.Hessian2Input;
import com.caucho.hessian.io.Hessian2Output;

public class HessianSerializerBug {

    public static void main(String[] args) {
        try {
            ByteArrayOutputStream buf = new ByteArrayOutputStream();
            Hessian2Output out = new Hessian2Output(buf);

            BuildException ex = new BuildException();
            out.writeObject(ex);
            out.close();

            Hessian2Input in = new Hessian2Input(new ByteArrayInputStream(buf.toByteArray()));
            BuildException clone = (BuildException) in.readObject();
            in.close();
            clone.printStackTrace();
        } catch (Throwable ex) {
            ex.printStackTrace();
        }
    }

}

The output will show an infinite loop at line "clone.printStackTrace()". This happens because the BuildException class has two "cause" fields: one inherited from the Throwable base class, and other one is defined in BuildException itself. Before the serialization the "cause" value is in the Throwable class's field, after the serialization the "cause" will be in the BuildException's field.

Affects latest version, but detected in 3.1.6.



There are no notes attached to this issue.