Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Polymorphic deserialization causes IllegalArgumentException in Jackson 2.8.1

See original GitHub issue

There seems to be an issue trying to deserialize an object after serialization. The error message is odd because it says that the parent is not a subtype of the child, which is correct because that is of course backwards to what the relationship actually is.

Here is a very simple test case that works fine with Jackson 2.7.5 but is broken with Jackson 2.8.1.

package jackson.test;

import org.junit.Test;
import com.fasterxml.jackson.databind.ObjectMapper;

public class BrokenJackson {

    @Test
    public void test() throws Exception {
        ObjectMapper objectMapper = new ObjectMapper();
        final JacksonChild childObject = new JacksonChild();

        String value = objectMapper.writeValueAsString(childObject);
        objectMapper.readValue(value, JacksonChild.class);
    }
}

package jackson.test;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;

@JsonIgnoreProperties(ignoreUnknown = true)
@JsonInclude(JsonInclude.Include.NON_EMPTY)
public class JacksonChild extends JacksonParent {

}


package jackson.test;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonSubTypes;
import com.fasterxml.jackson.annotation.JsonTypeInfo;

@JsonTypeInfo(use = JsonTypeInfo.Id.NAME,
    include = JsonTypeInfo.As.PROPERTY, property = "type",
    defaultImpl = JacksonParent.class)
@JsonSubTypes({ @JsonSubTypes.Type(value = JacksonChild.class, name = "child") })
@JsonIgnoreProperties(ignoreUnknown = true)
@JsonInclude(JsonInclude.Include.NON_EMPTY)
public class JacksonParent {

}

If you run the test case with these 3 classes, the resulting stacktrace is:

java.lang.IllegalArgumentException: Class jackson.test.JacksonParent not subtype of [simple type, class jackson.test.JacksonChild]
    at com.fasterxml.jackson.databind.type.TypeFactory.constructSpecializedType(TypeFactory.java:359)
    at com.fasterxml.jackson.databind.jsontype.impl.StdTypeResolverBuilder.buildTypeDeserializer(StdTypeResolverBuilder.java:118)
    at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory.findTypeDeserializer(BasicDeserializerFactory.java:1363)
    at com.fasterxml.jackson.databind.DeserializationContext.findRootValueDeserializer(DeserializationContext.java:481)
    at com.fasterxml.jackson.databind.ObjectMapper._findRootDeserializer(ObjectMapper.java:3890)
    at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:3785)
    at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2833)
    at jackson.test.BrokenJackson.test(BrokenJackson.java:16)
.....

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Reactions:3
  • Comments:8 (5 by maintainers)

github_iconTop GitHub Comments

2reactions
cowtowncodercommented, Sep 30, 2016

This is by design: as exception says, JacksonParent is not a subtype of JacksonChild. Problem being that although you ask for JacksonChild, it is possible that due to defaultImpl, JacksonParent would be returned; and that is not assignment-compatible. Earlier versions did not verify this, although they would have resulted in ClassCastException if this happened. In this case, fix would be to use:

  (JacksonChild) objectMapper.readValue(value, JacksonParent.class);

if you know for sure that defaultImpl is never used.

Now: it may be that ideally exception should be postponed and only thrown if problem occurs, not just because it might occur. I think there may already be an issue for this; but I’ll leave this open if not (if there is, I’ll close one as dup).

0reactions
cowtowncodercommented, Mar 30, 2017

Closing, same as #1488 and there is I think an issue for improving handling for this particular case, to defer throwing exception.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Polymorphic Deserialization Issue with Jackson - Stack Overflow
1 Answer 1 ... Jackson is not aware of polymorphism, it just tries to create an instance of the concrete DeviceInfo class. However,...
Read more >
DeserializationFeature (jackson-databind 2.13.1 API)
Feature that determines whether JSON floating point numbers are to be deserialized into BigDecimal s if only generic type description (either Object or...
Read more >
Security update for jackson-databind, jackson-dataformats ...
An update that fixes three vulnerabilities is now available. Description: This update for jackson-databind, jackson-dataformats-binary, ...
Read more >
SUSE alert SUSE-SU-2022:1678-1 (jackson-databind ...
SUSE Security Update: Security update for jackson-databind, ... about DeserializationFeature + Bug in polymorphic deserialization with ...
Read more >
Understanding insecure implementation of Jackson ...
Polymorphic type handling basically refers to the way Jackson handles data when complex class structures are used to serialize and deserialize ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

NPE with JsonBackReference when deserialized when using Lombok

Next page

Default constructor and no setters on data object break serialization