yasson

Value access calls toString() on failure, potentially leading to infinite recursion

Open nmatt opened this issue 5 years ago • 0 comments

Describe the bug

The implementation of ReflectionPropagation.setValue()/getValue() calls toString() on the target object upon failure, as part of constructing the exception message:

throw new JsonbException("Error getting value on: " + object, e);

This is a problem if the toString() implementation of the object itself uses JSON serialization to produce the string value, leading to infinite recursion and stack overflow.

To Reproduce

Run main() on the following example:

import javax.json.bind.JsonbBuilder;

public final class Example
{
    public static void main(String[] args) throws Exception
    {
        System.out.println(JsonbBuilder.create().toJson(new Example()));
    }

    public String getProperty()
    {
        throw new RuntimeException("some error");
    }

    @Override
    public String toString()
    {
        return JsonbBuilder.create().toJson(this);
    }
}

Expected behavior

I would argue that toString() shouldn't be called upon serialization errors. Even if toString() doesn't itself call toJson(), there is some likelihood that it will fail for the same reason that the serialization failed. (E.g. it's not unlikely for toString() to call getProperty() itself in the example class above.) Instead I would propose to only include the object type in the exception message (e.g. getClass().getName()).

System information:

  • Yasson Version: 1.0.8

nmatt, Oct 28 '20 19:10
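
An added example, not part of the original issue and not Yasson's code: a self-contained sketch of the failure mode and of the proposed fix (class name only in the exception message). `SafeErrorMessageDemo`, `Bean`, the toy `toJson` and the `describeWithToString` switch are hypothetical stand-ins so that it runs without the Yasson dependency.

```java
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
// Hypothetical stand-in for a reflective serializer; not Yasson's implementation.
public final class SafeErrorMessageDemo
{
    // Reads one property through its getter, as a reflective binder would.
    static Object getValue(Object target, Method getter, boolean describeWithToString)
    {
        try
        {
            return getter.invoke(target);
        }
        catch (InvocationTargetException | IllegalAccessException e)
        {
            // Unsafe: describing the object runs its toString(), i.e. user code.
            // Safe: the class name identifies the object without running user code.
            String what = describeWithToString ? String.valueOf(target) : target.getClass().getName();
            throw new IllegalStateException("Error getting value on: " + what, e);
        }
    }

    // Toy serializer for a single "property" getter (constructed for this example).
    static String toJson(Object target, boolean describeWithToString) throws NoSuchMethodException
    {
        Method getter = target.getClass().getMethod("getProperty");
        return "{\"property\":\"" + getValue(target, getter, describeWithToString) + "\"}";
    }

    public static final class Bean
    {
        public String getProperty() { throw new RuntimeException("some error"); }
        // Mirrors the issue: toString() re-enters the serializer.
        @Override
        public String toString()
        {
            try { return toJson(this, true); }
            catch (NoSuchMethodException e) { return "Bean"; }
        }
    }

    public static void main(String[] args) throws Exception
    {
        try { toJson(new Bean(), false); }
        catch (IllegalStateException e) { System.out.println("type-only message: " + e.getMessage()); }

        try { toJson(new Bean(), true); }
        catch (StackOverflowError e) { System.out.println("toString() in message: StackOverflowError"); }
    }
}
```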