From 416e01fbe91a28da0b059cb0b940e111d6ccfe71 Mon Sep 17 00:00:00 2001 From: Nick Merlo Date: Thu, 20 Jan 2022 14:54:41 -0500 Subject: [PATCH 1/3] Don't serialize non-public fields/properties for base java classes --- .../java/com/owlike/genson/reflect/VisibilityFilter.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java b/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java index 089b37f5..9926cdf1 100644 --- a/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java +++ b/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java @@ -70,7 +70,14 @@ public VisibilityFilter(int... modifier) { * @return true if this member is visible according to this filter. */ public final boolean isVisible(Member member) { - return isVisible(member.getModifiers()); + Class clazz = member.getDeclaringClass(); + String className = clazz.getName(); + if(className.startsWith("java.") || className.startsWith("javax.")){ + return Modifier.isPublic(member.getModifiers()); + } + else{ + return isVisible(member.getModifiers()); + } } public final boolean isVisible(int modifiers) { From 382224305f49da3b7aa34c55ec4e08b447f8be7d Mon Sep 17 00:00:00 2001 From: Nick Merlo Date: Fri, 21 Jan 2022 10:47:17 -0500 Subject: [PATCH 2/3] Ensure public members of base classes still get checked for other modifiers set on the visibility filter --- .../java/com/owlike/genson/reflect/VisibilityFilter.java | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java b/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java index 9926cdf1..d44df6c9 100644 --- a/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java +++ b/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java @@ -73,11 +73,12 @@ public final boolean isVisible(Member member) { Class clazz = member.getDeclaringClass(); String className = clazz.getName(); if(className.startsWith("java.") || className.startsWith("javax.")){ - return Modifier.isPublic(member.getModifiers()); - } - else{ - return isVisible(member.getModifiers()); + if(!Modifier.isPublic(member.getModifiers())){ + return false; + } } + + return isVisible(member.getModifiers()); } public final boolean isVisible(int modifiers) { From c60bf15e818ed4151675b37374aa39a7d4c433ae Mon Sep 17 00:00:00 2001 From: Nick Merlo Date: Mon, 24 Jan 2022 12:35:55 -0500 Subject: [PATCH 3/3] Refactory visibility code for better clarity --- .../genson/reflect/VisibilityFilter.java | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java b/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java index d44df6c9..b61ff35a 100644 --- a/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java +++ b/genson/src/main/java/com/owlike/genson/reflect/VisibilityFilter.java @@ -70,15 +70,22 @@ public VisibilityFilter(int... modifier) { * @return true if this member is visible according to this filter. */ public final boolean isVisible(Member member) { - Class clazz = member.getDeclaringClass(); - String className = clazz.getName(); - if(className.startsWith("java.") || className.startsWith("javax.")){ - if(!Modifier.isPublic(member.getModifiers())){ - return false; + boolean visible = isVisible(member.getModifiers()); + + //Due to recent changes involving reflection access to base java classes, + //we need to perform an additional check to ensure that members belonging + //to java/javax packages are public. Non-public members will always be considered not visible + if(visible){ + Class clazz = member.getDeclaringClass(); + String className = clazz.getName(); + if(className.startsWith("java.") || className.startsWith("javax.")){ + if(!Modifier.isPublic(member.getModifiers())){ + visible = false; + } } } - return isVisible(member.getModifiers()); + return visible; } public final boolean isVisible(int modifiers) {