Fix #3305 (CharSequence serialization in JDK 15 POJO, not String)

Author: cowtowncoder

release-notes/VERSION-2.x

@@ -4,11 +4,14 @@ Project: jackson-databind
 === Releases === 
 ------------------------------------------------------------------------
 
-(not yet released)
+2.12.6 (not yet released)
 
 #3280: Can not deserialize json to enum value with Object-/Array-valued input,
   `@JsonCreator`
  (reported by peteryuanpan@github)
+#3305: ObjectMapper serializes `CharSequence` subtypes as POJO instead of
+  as String (JDK 15+)
+ (reported by stevenupton@github; fix suggested by Sergey C)
 #3328: Possible DoS issue
 
 2.12.5 (27-Aug-2021)

src/main/java/com/fasterxml/jackson/databind/introspect/DefaultAccessorNamingStrategy.java

@@ -79,7 +79,7 @@ public String findNameForIsGetter(AnnotatedMethod am, String name)
         return null;
     }
 
-        @Override
+    @Override
     public String findNameForRegularGetter(AnnotatedMethod am, String name)
     {
         if ((_getterPrefix != null) && name.startsWith(_getterPrefix)) {

src/main/java/com/fasterxml/jackson/databind/ser/BeanSerializerFactory.java

@@ -409,6 +409,10 @@ protected JsonSerializer<Object> constructBeanOrAddOnSerializer(SerializerProvid
         }
 
         // Any properties to suppress?
+
+        // 10-Dec-2021, tatu: [databind#3305] Some JDK types need special help
+        //    (initially, `CharSequence` with its `isEmpty()` default impl)
+        props = filterUnwantedJDKProperties(config, beanDesc, props);
         props = filterBeanProperties(config, beanDesc, props);
 
         // Need to allow reordering of properties to serialize
@@ -629,7 +633,7 @@ protected List<BeanPropertyWriter> findBeanProperties(SerializerProvider prov,
     /* Overridable non-public methods for manipulating bean properties
     /**********************************************************
      */
-    
+
     /**
      * Overridable method that can filter out properties. Default implementation
      * checks annotations class may have.
@@ -665,6 +669,36 @@ protected List<BeanPropertyWriter> filterBeanProperties(SerializationConfig conf
         return props;
     }
 
+    /**
+     * Overridable method used to filter out specifically problematic JDK provided
+     * properties.
+     *<p>
+     * See issue <a href="https://github.com/FasterXML/jackson-databind/issues/3305">
+     * databind-3305</a> for details.
+     *
+     * @since 2.13.1
+     */
+    protected List<BeanPropertyWriter> filterUnwantedJDKProperties(SerializationConfig config,
+            BeanDescription beanDesc, List<BeanPropertyWriter> props)
+    {
+        // First, only consider something that implement `CharSequence`
+        if (beanDesc.getType().isTypeOrSubTypeOf(CharSequence.class)) {
+            Iterator<BeanPropertyWriter> it = props.iterator();
+            while (it.hasNext()) {
+                BeanPropertyWriter prop = it.next();
+                // And only remove property induced by `isEmpty()` method declared
+                // in `CharSequence` (default implementation)
+                AnnotatedMember m = prop.getMember();
+                if ((m instanceof AnnotatedMethod)
+                        && "isEmpty".equals(m.getName())
+                        && m.getDeclaringClass() == CharSequence.class) {
+                    it.remove();
+                }
+            }
+        }
+        return props;
+    }
+
     /**
      * Method called to handle view information for constructed serializer,
      * based on bean property writers.