Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit e214082c authored by Hao Ke's avatar Hao Ke
Browse files

Set default ClassLoader for Parcel readSerializable API. 

Set the default ClassLoader for the readSerializable(ClassLoader,
Class) API, when the ClassLoader parameter is null.

Doing so could enhance the security of Parcel deserialization,
as it would prevent resolving the Serializable class using unexpected
ClassLoaders.

Test: atest -d android.os.cts.ParcelTest
Bug: 195622897
Change-Id: I6da4b4f817c33e4464d90d1e9775b54793835c92
parent 92a4b54d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment