1052204 – [GSS] (6.3.0) Protocol incompatibility between serializable classes with different non-serializable superclasses

Bug 1052204 - [GSS] (6.3.0) Protocol incompatibility between serializable classes with different non-serializable superclasses

Summary: [GSS] (6.3.0) Protocol incompatibility between serializable classes with diff...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Remoting
Sub Component:
Version:	6.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	DR0
Target Release:	EAP 6.3.0
Assignee:	Brad Maxwell
QA Contact:	Jitka Kozana
Docs Contact:	Russell Dickenson
URL:
Whiteboard:
Duplicates (1):	1052208 (view as bug list)
Depends On:
Blocks:	1032312 1050791
TreeView+	depends on / blocked

Reported:	2014-01-13 13:46 UTC by Brad Maxwell
Modified:	2018-12-04 16:56 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	In previous versions of JBoss EAP 6 an exception could be thrown when IBM and Oracle JVMs communicate by serializing a `StringBuilder` or `StringBuffer` class. This was caused by the marshalling protocol erroneously serializing a class descriptor for the first non-serializable superclass of a serializable class. This issue has been resolved in this version of the product with an upgrade to the JBoss Marshalling component.
Clone Of:	1032312
Environment:
Last Closed:	2014-06-28 15:28:40 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	JBMAR-156	0	Major	Resolved	Protocol incompatibility between serializable classes with different non-serializable superclasses	2018-01-29 21:15:17 UTC

Description Brad Maxwell 2014-01-13 13:46:30 UTC

+++ This bug was initially created as a clone of Bug #1032312 +++

Protocol versions up to 3 of the River marshalling protocol erroneously serialize a class descriptor for the first non-serializable superclass of a serializable class.

This manifests itself particularly when an IBM JVM and a Sun JVM communicate by serializing a StringBuilder or StringBuffer class. The Sun JDK contains a shared superclass called AbstractStringBuilder which is not present in IBM's version.

In version 4 the stream should be marked with a NULL when the first non-serializable class is hit.  For version 3 though we can just mark it with java.lang.Object because that is also a single byte and should work as well (in 1.4 at least, this class is only used to detect the end of the chain; it is not used to make decisions about what constructor to invoke).  Only the sender needs to change; the receiver should continue functioning.

--- Additional comment from Brad Maxwell on 2013-11-19 19:24:47 EST ---

Fixed in JBoss Marshalling 1.4.3

Comment 1 Brad Maxwell 2014-01-13 13:55:05 UTC

*** Bug 1052208 has been marked as a duplicate of this bug. ***

Comment 3 Kabir Khan 2014-04-04 14:49:04 UTC

Setting to ON_QA since upgrade should fix this

Comment 4 Jitka Kozana 2014-04-30 12:36:13 UTC

Fixed by component upgrade, verified.

Comment 5 sgilda 2014-05-12 20:05:19 UTC

Changed <literal></literal> tags in Doc Text to ticks (`) to fix Bug 1096865

Comment 6 sgilda 2014-05-13 11:14:09 UTC

Fix release note text as reported by bug 1097163.

Note You need to log in before you can comment on or make changes to this bug.