Merge branch '2.7'

FasterXML · Sep 8, 2016 · e9ade49 · e9ade49
2 parents facb2c0 + e4b261e
commit e9ade49
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 22 deletions.
diff --git a/release-notes/VERSION b/release-notes/VERSION
@@ -87,6 +87,7 @@ Project: jackson-databind
 
 2.7.8 (not yet released)
 
+#877: @JsonIgnoreProperties`: ignoring the "cause" property of `Throwable` on GAE
 #1359: Improve `JsonNode` deserializer to create `FloatNode` if parser supports
 #1362: ObjectReader.readValues()` ignores offset and length when reading an array
  (reported by wastevenson@github)

diff --git a/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java b/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java
@@ -533,9 +533,9 @@ protected void addBeanProps(DeserializationContext ctxt,
             // 25-Sep-2014, tatu: No point in finding constructor parameters for abstract types
             //   (since they are never used anyway)
             if (isConcrete && propDef.hasConstructorParameter()) {
-                /* [JACKSON-700] If property is passed via constructor parameter, we must
-                 *   handle things in special way. Not sure what is the most optimal way...
-                 *   for now, let's just call a (new) method in builder, which does nothing.
+                /* If property is passed via constructor parameter, we must
+                 * handle things in special way. Not sure what is the most optimal way...
+                 * for now, let's just call a (new) method in builder, which does nothing.
                  */
                 // but let's call a method just to allow custom builders to be aware...
                 final String name = propDef.getName();
@@ -729,16 +729,26 @@ protected SettableBeanProperty constructSettableProperty(DeserializationContext
     {
         // need to ensure method is callable (for non-public)
         AnnotatedMember mutator = propDef.getNonConstructorMutator();
+
         if (ctxt.canOverrideAccessModifiers()) {
-            mutator.fixAccess(ctxt.isEnabled(MapperFeature.OVERRIDE_PUBLIC_ACCESS_MODIFIERS));
+            // [databind#877]: explicitly prevent forced access to `cause` of `Throwable`;
+            // never needed and attempts may cause problems on some platforms.
+            // !!! NOTE: should be handled better for 2.8 and later
+            if ((mutator instanceof AnnotatedField)
+                    && "cause".equals(mutator.getName())
+                    && Throwable.class.isAssignableFrom(propType0.getRawClass())) {
+                ;
+            } else {
+                mutator.fixAccess(ctxt.isEnabled(MapperFeature.OVERRIDE_PUBLIC_ACCESS_MODIFIERS));
+            }
         }
         JavaType type = resolveMemberAndTypeAnnotations(ctxt, mutator, propType0);
         // Does the Method specify the deserializer to use? If so, let's use it.
         TypeDeserializer typeDeser = type.getTypeHandler();
         SettableBeanProperty prop;
         if (mutator instanceof AnnotatedMethod) {
             prop = new MethodProperty(propDef, type, typeDeser,
-                beanDesc.getClassAnnotations(), (AnnotatedMethod) mutator);
+                    beanDesc.getClassAnnotations(), (AnnotatedMethod) mutator);
         } else {
             prop = new FieldProperty(propDef, type, typeDeser,
                     beanDesc.getClassAnnotations(), (AnnotatedField) mutator);

diff --git a/src/main/java/com/fasterxml/jackson/databind/deser/std/ThrowableDeserializer.java b/src/main/java/com/fasterxml/jackson/databind/deser/std/ThrowableDeserializer.java
@@ -119,10 +119,8 @@ public Object deserializeFromObject(JsonParser p, DeserializationContext ctxt) t
                     continue;
                 }
             }
-            /* As per [JACKSON-313], things marked as ignorable should not be
-             * passed to any setter
-             */
-            if (_ignorableProps != null && _ignorableProps.contains(propName)) {
+            // Things marked as ignorable should not be passed to any setter
+            if ((_ignorableProps != null) && _ignorableProps.contains(propName)) {
                 p.skipChildren();
                 continue;
             }

diff --git a/src/main/java/com/fasterxml/jackson/databind/util/ClassUtil.java b/src/main/java/com/fasterxml/jackson/databind/util/ClassUtil.java
@@ -858,26 +858,22 @@ public static void checkAndFixAccess(Member member, boolean force)
          *   always to make it accessible (latter because it will force
          *   skipping checks we have no use for...), so let's always call it.
          */
-        //if (!ao.isAccessible()) {
         try {
             if (force || 
                     (!Modifier.isPublic(member.getModifiers())
                             || !Modifier.isPublic(member.getDeclaringClass().getModifiers()))) {
                 ao.setAccessible(true);
             }
         } catch (SecurityException se) {
-            /* 17-Apr-2009, tatu: Related to [JACKSON-101]: this can fail on
-             *    platforms like EJB and Google App Engine); so let's
-             *    only fail if we really needed it...
-             */
+            // 17-Apr-2009, tatu: Related to [JACKSON-101]: this can fail on platforms like
+            // Google App Engine); so let's only fail if we really needed it...
             if (!ao.isAccessible()) {
                 Class<?> declClass = member.getDeclaringClass();
                 throw new IllegalArgumentException("Can not access "+member+" (from class "+declClass.getName()+"; failed to set access: "+se.getMessage());
             }
         }
-        //}
     }
-    
+
     /*
     /**********************************************************
     /* Enum type detection

diff --git a/src/test/java/com/fasterxml/jackson/databind/deser/TestExceptionDeserialization.java b/src/test/java/com/fasterxml/jackson/databind/deser/TestExceptionDeserialization.java
@@ -51,7 +51,7 @@ static class MyNoArgException extends Exception
     /**********************************************************
      */
 
-    final ObjectMapper MAPPER = new ObjectMapper();
+    private final ObjectMapper MAPPER = new ObjectMapper();
 
     public void testIOException() throws IOException
     {
@@ -61,7 +61,6 @@ public void testIOException() throws IOException
         assertEquals(ioe.getMessage(), result.getMessage());
     }
 
-    // As per [JACKSON-377]
     public void testWithCreator() throws IOException
     {
         final String MSG = "the message";
@@ -74,7 +73,6 @@ public void testWithCreator() throws IOException
         assertEquals(result.getFoo(), result.stuff.get("foo"));
     }
 
-    // [JACKSON-388]
     public void testWithNullMessage() throws IOException
     {
         final ObjectMapper mapper = new ObjectMapper();

diff --git a/src/test/java/com/fasterxml/jackson/databind/misc/AccessFixTest.java b/src/test/java/com/fasterxml/jackson/databind/misc/AccessFixTest.java
@@ -0,0 +1,42 @@
+package com.fasterxml.jackson.databind.misc;
+
+import java.io.IOException;
+import java.security.Permission;
+
+import com.fasterxml.jackson.databind.*;
+
+// Test(s) to verify that forced access works as expected
+public class AccessFixTest extends BaseMapTest
+{
+    static class CauseBlockingSecurityManager
+        extends SecurityManager
+    {
+        @Override
+        public void checkPermission(Permission perm) throws SecurityException {
+            if ("suppressAccessChecks".equals(perm.getName())) {
+throw new SecurityException("Can not force permission: "+perm);
+            }
+        }
+    }
+
+    // [databind#877]: avoid forcing access to `cause` field of `Throwable`
+    // as it is never actually used (always call `initCause()` instead)
+    public void testCauseOfThrowableIgnoral() throws Exception
+    {
+        final SecurityManager origSecMan = System.getSecurityManager();
+        try {
+            System.setSecurityManager(new CauseBlockingSecurityManager());
+            _testCauseOfThrowableIgnoral();
+        } finally {
+            System.setSecurityManager(origSecMan);
+        }
+    }
+
+    private void _testCauseOfThrowableIgnoral() throws Exception
+    {
+        ObjectMapper mapper = new ObjectMapper();
+        mapper.disable(MapperFeature.OVERRIDE_PUBLIC_ACCESS_MODIFIERS);
+        IOException e = mapper.readValue("{}", IOException.class);
+        assertNotNull(e);
+    }
+}
diff --git a/src/test/java/com/fasterxml/jackson/databind/seq/ReadValuesTest.java b/src/test/java/com/fasterxml/jackson/databind/seq/ReadValuesTest.java
@@ -86,7 +86,6 @@ private void _testRootBeans(Source srcType) throws Exception
 
         MappingIterator<Bean> it = _iterator(MAPPER.readerFor(Bean.class),
                 JSON, srcType);
-                MAPPER.readerFor(Bean.class).readValues(JSON);
         assertNotNull(it.getCurrentLocation());
         assertTrue(it.hasNext());
         Bean b = it.next();
@@ -98,16 +97,17 @@ private void _testRootBeans(Source srcType) throws Exception
         it.close();
 
         // Also, test 'readAll()'
-        it = MAPPER.readerFor(Bean.class).readValues(JSON);
+        it = _iterator(MAPPER.readerFor(Bean.class), JSON, srcType);
         List<Bean> all = it.readAll();
         assertEquals(2, all.size());
         it.close();
 
-        it = MAPPER.readerFor(Bean.class).readValues("{\"a\":3}{\"a\":3}");
+        it = _iterator(MAPPER.readerFor(Bean.class), "{\"a\":3}{\"a\":3}", srcType);
         Set<Bean> set = it.readAll(new HashSet<Bean>());
         assertEquals(HashSet.class, set.getClass());
         assertEquals(1, set.size());
         assertEquals(3, set.iterator().next().a);
+        it.close();
     }
 
     public void testRootBeansInArray() throws Exception