java.lang.StringBuffer cannot be deserialized
#3446
Comments
|
Uhhhh, StringBuffer, is not recommended for use at all, why are you using it? |
|
I am not using it directly. In the project i am working at, where this issue occurred, is it possible for developers to define and execute groovy-scripts as part of BPMN-models that can be executed. Instead of using "+" to append strings, some where using "<<" which creates a StringBuffer instead of a String - for whatever reason. After the update, problems occurred in models with this operators since the deserialization failed. Nevertheless, i expected all java.lang-String-Classes to be able to get serialized and deserialized. |
Lolf1010
changed the title
cowtowncoder
added
2.13
and removed
to-evaluate
|
@Lolf1010 I can't remember any explicit change to cause this, so does sound like a bug. At practical level, if there is no unit test to test certain functionality, it is not really supported feature -- if there was, we'd have had regression failure for whatever change occurred. I hope to have time to check this out, probably simple to fix. |
cowtowncoder
changed the title
java.lang.StringBuffer cannot be deserialized
### What changes were proposed in this pull request? This PR aims to upgrade Jackson to 2.13.3. ### Why are the changes needed? Although Spark is not affected, Jackson 2.13.0~2.13.2 has the following regression which affects the user apps. - FasterXML/jackson-databind#3446 Here is a full release note. - https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.3 ### Does this PR introduce _any_ user-facing change? No. The previous version is not released yet. ### How was this patch tested? Pass the CIs. Closes #36627 from dongjoon-hyun/SPARK-39250. Authored-by: Dongjoon Hyun <dongjoon@apache.org> Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
### What changes were proposed in this pull request? This PR aims to upgrade Jackson to 2.13.3. ### Why are the changes needed? Although Spark is not affected, Jackson 2.13.0~2.13.2 has the following regression which affects the user apps. - FasterXML/jackson-databind#3446 Here is a full release note. - https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.3 ### Does this PR introduce _any_ user-facing change? No. The previous version is not released yet. ### How was this patch tested? Pass the CIs. Closes #36627 from dongjoon-hyun/SPARK-39250. Authored-by: Dongjoon Hyun <dongjoon@apache.org> Signed-off-by: Dongjoon Hyun <dongjoon@apache.org> (cherry picked from commit 73438c0) Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
|
Forgot to add a more meaningful update here along with the fix that went in Jackson 2.13.3 version. So. Regression occurred in 2.12.0: formerly deserialization was working "accidentally" by Bean introspection finding single-String-arg constructor and using that. Introspection of core JDK classes was limited in 2.12 for security (primary) and performance (secondary) reasons, preventing this mechanism from working. And since there were no tests verifying deserializability (I added those with the fix), regression was not noticed. Versions prior to 2.12.0 (2.11.x, 2.10.x etc) have working deserialization, as now does 2.13(.3). |
Describe the bug
I recently tried to update my jackson-version from 2.10.3 to 2.13.1 and it appears that the java.lang.StringBuffer can no longer be deserialized. java.lang.StringBuilder and java.lang.String both work as expected.
Is there a reason why the support for StringBuffer was removed somewhere between the versions or is it a bug?
Version information
2.13.1
To Reproduce
Expected behavior
java.lang.String, java.lang.StringBuilder, java.lang.StringBuffer can be serialized and deserialized.
EDIT (by @cowtowncoder )
Regression affects versions 2.12.x and 2.13.0 - 2.13.2; fixed in
2.13.3, did not affect versions up to 2.11.x.The text was updated successfully, but these errors were encountered: