Can I force a deserialization class in function of readParcelable ?

81 views
Skip to first unread message

代超

unread,
Jul 12, 2020, 7:43:11 PM7/12/20
to android-platform

Test1Parcelable class1 = parcel.readParcelable(Test1Parcelable.class.getClassLoader());

In my app classloaders, I have many Parcelable Creator class,
such as  Test1Parcelable\ Test2Parcelable \ Test3Parcelable



Test1Parcelable class1 = parcel.readParcelable(Test1Parcelable.class.getClassLoader());

The parcel data from another untrusted app, and I cannot controll it, 
Another app cannot put any Pacelable class (such as Test2Parcelable \Test3Parcelable ) not We want (Test1Parcelable).
The code execute will come into the function  unmarshall if  anothor parcelable class.
Can the class of android.os.Parcel have some interface to force the class deserialization when readParcelable.

Thanks
Reply all
Reply to author
Forward
0 new messages