1032312 – [GSS] (6.2.x) Protocol incompatibility between serializable classes with different non-serializable superclasses

Bug 1032312 - [GSS] (6.2.x) Protocol incompatibility between serializable classes with different non-serializable superclasses

Summary: [GSS] (6.2.x) Protocol incompatibility between serializable classes with diff...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Remoting
Sub Component:
Version:	6.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	CR1
Target Release:	EAP 6.2.1
Assignee:	David M. Lloyd
QA Contact:	Jitka Kozana
Docs Contact:	Russell Dickenson
URL:
Whiteboard:
Depends On:	1052204
Blocks:	eap62-cp01-blockers 1032313
TreeView+	depends on / blocked

Reported:	2013-11-20 00:22 UTC by Brad Maxwell
Modified:	2018-12-04 16:22 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	It was found that in previous versions of JBoss EAP 6, the marshalling layer was introducing superfluous data pertaining to non-serializable classes into the serialization stream. This was causing a range of undesirable behaviors ranging from reduced performance to ClassNotFoundExceptions and other errors between different JVMs. This release of the product sees the extra data truncated as it should be. The protocol is now more performant and is again compatible between JVMs that have different class hierarchies for the same class.
Clone Of:
Clones:	1052204 1052208 (view as bug list)
Environment:
Last Closed:	2014-02-24 20:14:53 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	JBMAR-156	0	Major	Resolved	Protocol incompatibility between serializable classes with different non-serializable superclasses	2017-02-08 20:36:53 UTC

Internal Links: 1032293 1032296 1032313 1050791

Description Brad Maxwell 2013-11-20 00:22:11 UTC

Protocol versions up to 3 of the River marshalling protocol erroneously serialize a class descriptor for the first non-serializable superclass of a serializable class.

This manifests itself particularly when an IBM JVM and a Sun JVM communicate by serializing a StringBuilder or StringBuffer class. The Sun JDK contains a shared superclass called AbstractStringBuilder which is not present in IBM's version.

In version 4 the stream should be marked with a NULL when the first non-serializable class is hit.  For version 3 though we can just mark it with java.lang.Object because that is also a single byte and should work as well (in 1.4 at least, this class is only used to detect the end of the chain; it is not used to make decisions about what constructor to invoke).  Only the sender needs to change; the receiver should continue functioning.

Comment 1 Brad Maxwell 2013-11-20 00:24:47 UTC

Fixed in JBoss Marshalling 1.4.3

Comment 2 Scott Mumford 2014-01-20 05:56:01 UTC

Marking for inclusion in 6.2.1 release notes documentation.

Comment 3 Scott Mumford 2014-01-23 02:33:33 UTC

Requesting information (possibly even a draft release note) as I am having some difficulty parsing the details of this issue and it's resolution.

Brad, any assistance you can offer would be good. I'm lost somewhere in the series of serializable and non-serializable classes.

Comment 4 Scott Mumford 2014-01-24 00:10:36 UTC

Thanks for the awesome content David. That was exactly what I needed! I've reformatted the note for publication and marked it for inclusion in the Release Notes document.

Comment 5 Ladislav Thon 2014-01-27 14:39:20 UTC

Verified with EAP 6.2.1.CP.CR1.

Note You need to log in before you can comment on or make changes to this bug.