为什么需要 AtomicReferenceArray 中的 `readObject()` 覆盖方法?
why need the `readObject()` overriding method in AtomicReferenceArray?
正如题主所说,为什么AtomicReferenceArray中需要readObject()重写方法,而AtomicIntegerArray和AtomicLongArray中没有readObject()重写方法?
错误票据中可能会解释原因 https://bugzilla.redhat.com/show_bug.cgi?id=788994(错误 788994(CVE-2011-3571、CVE-2012-0507)- CVE-2012-0507 OpenJDK:AtomicReferenceArray 数组类型检查不足(并发, 7082299)):
The AtomicReferenceArray class implementation did not properly check if the array is of an expected Object[] type. A malicious Java application or applet could use this flaw to cause Java Virtual Machine to crash or bypass Java sandbox restrictions.
所以他们添加了 readObject() 方法来检查提交中的类型 https://github.com/openjdk/jdk/commit/e088fb2b1a3413a9d040346fd02ebb6bcd7db9cf(7082299:AtomicReferenceArray 应该确保数组是 Object[])
正如题主所说,为什么AtomicReferenceArray中需要readObject()重写方法,而AtomicIntegerArray和AtomicLongArray中没有readObject()重写方法?
错误票据中可能会解释原因 https://bugzilla.redhat.com/show_bug.cgi?id=788994(错误 788994(CVE-2011-3571、CVE-2012-0507)- CVE-2012-0507 OpenJDK:AtomicReferenceArray 数组类型检查不足(并发, 7082299)):
The AtomicReferenceArray class implementation did not properly check if the array is of an expected Object[] type. A malicious Java application or applet could use this flaw to cause Java Virtual Machine to crash or bypass Java sandbox restrictions.
所以他们添加了 readObject() 方法来检查提交中的类型 https://github.com/openjdk/jdk/commit/e088fb2b1a3413a9d040346fd02ebb6bcd7db9cf(7082299:AtomicReferenceArray 应该确保数组是 Object[])