$length = $this->readInt();
// We don't pre-allocate the array; this prevents an allocation attack
return new SSSR_BoundedList($instanceClass->getComponentType(), $length);
} else {
if ($instanceClass->isEnum()) {
// Bypass enum transformation
$ordinal = $this->readInt();
$values = $instanceClass->getEnumValues();
assert(in_array($ordinal, $values, true));
return $ordinal;
} else {
$constructor = $instanceClass->getConstructor();
$constructor->setAccessible(true);
return $constructor->newInstance();
}
}
}
private function validateTypeVersions(Clazz $instanceClass, SerializedInstanceReference $serializedInstRef)
{
$clientTypeSignature = $serializedInstRef->getSignature();
if (empty($clientTypeSignature)) {
throw new SerializationException('Missin type signature for "' . $instanceClass->getFullName() . '"');
}
$serverTypeSignature = SerializabilityUtilEx::getSerializationSignature($instanceClass, $this->serializationPolicy);
if ($clientTypeSignature !== $serverTypeSignature) {
throw new SerializationException('Invalid type signature for "' . $instanceClass->getFullName() . '"');
}
}
}
ServerSerializationStreamReader::init();
