From 2c6f144fc031640f736862ecf85542a9df0828fa Mon Sep 17 00:00:00 2001
From: tromey <tromey@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Fri, 21 Dec 2001 22:51:41 +0000
Subject: 	* java/io/ObjectInputStream.java (enableResolveObject): Use 
 correct security check. 	* java/io/ObjectOutputStream.java
 (enableReplaceObject): Use 	correct security check.

git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@48256 138bc75d-0d04-0410-961f-82ee72b054a4
---
 libjava/java/io/ObjectInputStream.java  | 7 +++++--
 libjava/java/io/ObjectOutputStream.java | 9 ++++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

(limited to 'libjava/java')

diff --git a/libjava/java/io/ObjectInputStream.java b/libjava/java/io/ObjectInputStream.java
index 7a67f3fb9a8..b530f4c045f 100644
--- a/libjava/java/io/ObjectInputStream.java
+++ b/libjava/java/io/ObjectInputStream.java
@@ -528,8 +528,11 @@ public class ObjectInputStream extends InputStream
     throws SecurityException
   {
     if (enable)
-      if (getClass ().getClassLoader () != null)
-	throw new SecurityException ("Untrusted ObjectInputStream subclass attempted to enable object resolution");
+      {
+	SecurityManager sm = System.getSecurityManager ();
+	if (sm != null)
+	  sm.checkPermission (new SerializablePermission ("enableSubtitution"));
+      }
 
     boolean old_val = this.resolveEnabled;
     this.resolveEnabled = enable;
diff --git a/libjava/java/io/ObjectOutputStream.java b/libjava/java/io/ObjectOutputStream.java
index faf7ea1a21b..26a1ee5f4b1 100644
--- a/libjava/java/io/ObjectOutputStream.java
+++ b/libjava/java/io/ObjectOutputStream.java
@@ -1,5 +1,5 @@
 /* ObjectOutputStream.java -- Class used to write serialized objects
-   Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -550,8 +550,11 @@ public class ObjectOutputStream extends OutputStream
     throws SecurityException
   {
     if (enable)
-      if (getClass ().getClassLoader () != null)
-	throw new SecurityException ("Untrusted ObjectOutputStream subclass attempted to enable object replacement");
+      {
+	SecurityManager sm = System.getSecurityManager ();
+	if (sm != null)
+	  sm.checkPermission (new SerializablePermission ("enableSubstitution"));
+      }
 
     boolean old_val = replacementEnabled;
     replacementEnabled = enable;
-- 
cgit v1.2.3