summaryrefslogtreecommitdiffstats
path: root/server/src
diff options
context:
space:
mode:
authorArtur Signell <artur@vaadin.com>2015-10-09 23:44:47 +0300
committerVaadin Code Review <review@vaadin.com>2015-11-12 10:54:33 +0000
commitf3eb1b4383848e28447717502083439d9e0dc0b7 (patch)
treebb81ac60f1b98ef3ea5121a62908b60a14ba4318 /server/src
parent142f7dcebb249c9c458cdbade014212b1a9ac27d (diff)
downloadvaadin-framework-f3eb1b4383848e28447717502083439d9e0dc0b7.tar.gz
vaadin-framework-f3eb1b4383848e28447717502083439d9e0dc0b7.zip
Do not modify state while serializing (#19090)
Serializing an object should never modify its internal state. It should be possible to serialize an object multiple times and get the same result Change-Id: I983e2eec1b3fb374bf40f150bdb9918ac5791d62
Diffstat (limited to 'server/src')
-rw-r--r--server/src/com/vaadin/server/ClientMethodInvocation.java9
1 files changed, 7 insertions, 2 deletions
diff --git a/server/src/com/vaadin/server/ClientMethodInvocation.java b/server/src/com/vaadin/server/ClientMethodInvocation.java
index 33b88a168b..77849c83df 100644
--- a/server/src/com/vaadin/server/ClientMethodInvocation.java
+++ b/server/src/com/vaadin/server/ClientMethodInvocation.java
@@ -38,7 +38,7 @@ public class ClientMethodInvocation implements Serializable,
private final ClientConnector connector;
private final String interfaceName;
private final String methodName;
- private final Object[] parameters;
+ private transient Object[] parameters;
private Type[] parameterTypes;
// used for sorting calls between different connectors in the same UI
@@ -102,6 +102,7 @@ public class ClientMethodInvocation implements Serializable,
// that is Serializable. On deserialization (readObject-method below)
// the process should be reversed.
+ Object[] serializedParameters = new Object[parameters.length];
// Easy way for implementing serialization & deserialization is by
// writing/parsing the object's content as string.
for (int i = 0; i < parameterTypes.length; i++) {
@@ -109,12 +110,15 @@ public class ClientMethodInvocation implements Serializable,
if (type instanceof Class<?>) {
Class<?> clazz = (Class<?>) type;
if (JsonArray.class.isAssignableFrom(clazz)) {
- parameters[i] = JsonUtil
+ serializedParameters[i] = JsonUtil
.stringify((JsonArray) parameters[i]);
+ } else {
+ serializedParameters[i] = parameters[i];
}
}
}
stream.defaultWriteObject();
+ stream.writeObject(serializedParameters);
}
private void readObject(ObjectInputStream stream) throws IOException,
@@ -122,6 +126,7 @@ public class ClientMethodInvocation implements Serializable,
// Reverses the serialization done in writeObject. Basically just
// parsing the serialized type back to the non-serializable type.
stream.defaultReadObject();
+ parameters = (Object[]) stream.readObject();
for (int i = 0; i < parameterTypes.length; i++) {
Type type = parameterTypes[i];
if (type instanceof Class<?>) {