Skip to content

Commit 39f5dc4

Browse files
committed
Use ObjectStreamClass to check assumptions
1 parent b4ba14b commit 39f5dc4

File tree

1 file changed

+6
-8
lines changed

1 file changed

+6
-8
lines changed

core/jvm/test/MaliciousJvmSerializationTest.kt

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ package kotlinx.datetime.test
88
import kotlinx.datetime.test.MaliciousJvmSerializationTest.TestCase.Streams
99
import java.io.ByteArrayInputStream
1010
import java.io.ObjectInputStream
11+
import java.io.ObjectStreamClass
1112
import java.io.Serializable
12-
import java.lang.reflect.Modifier
1313
import kotlin.reflect.KClass
1414
import kotlin.test.Test
1515
import kotlin.test.assertEquals
@@ -140,11 +140,9 @@ class MaliciousJvmSerializationTest {
140140

141141
private fun TestCase.ensureAssumptionsHold() {
142142
val className = clazz.qualifiedName!!
143+
val objectStreamClass = ObjectStreamClass.lookup(clazz.java)
143144

144-
val actualSerialVersionUID = clazz.java
145-
.getDeclaredField("serialVersionUID")
146-
.apply { isAccessible = true }
147-
.get(null) as Long
145+
val actualSerialVersionUID = objectStreamClass.serialVersionUID
148146
if (actualSerialVersionUID == 42L) {
149147
fail("This test assumes that the tested classes don't have a serialVersionUID of 42 but $className does.")
150148
}
@@ -155,11 +153,11 @@ class MaliciousJvmSerializationTest {
155153
)
156154
}
157155

158-
val field = clazz.java.declaredFields.singleOrNull { !Modifier.isStatic(it.modifiers) }
156+
val field = objectStreamClass.fields.singleOrNull()
159157
if (field == null || field.name != delegateFieldName || field.type != delegate.javaClass) {
160158
fail(
161-
"This test assumes that $className has a single instance field named $delegateFieldName of type " +
162-
"${delegate::class.qualifiedName}. The test case for $className should be updated with new " +
159+
"This test assumes that $className has a single serializable field named '$delegateFieldName' of " +
160+
"type ${delegate::class.qualifiedName}. The test case for $className should be updated with new " +
163161
"malicious serial streams that represent the changes to $className."
164162
)
165163
}

0 commit comments

Comments
 (0)