Only construct real Throwable objects. Without this test, someone could trick us into constructing other shady classes. Test: builds, boots Bug: 65281159 Change-Id: If678d0681708d1b0dcf056aa1133830ad3dbce31 (cherry picked from commit 8e151bf8999345399208d54663f103921ae5e1c6)

commit: 87d242c279b3ae9f52ec3a3d2850f74a0250a886 [log] [tgz]
author: Jeff Sharkey <jsharkey@android.com> Wed Sep 20 16:09:16 2017 -0600
committer: JP Sugarbroad <jpsugar@google.com> Wed Nov 15 14:36:37 2017 -0800
tree: 4534dd2adec185f017b8df7d95a0e5ea9e1a2006
parent: e72940be5fbb3b2ec620abf2471e29417d414ee1 [diff]
diff --git a/core/java/android/os/ParcelableException.java b/core/java/android/os/ParcelableException.java
index d84d629..7f71905 100644
--- a/core/java/android/os/ParcelableException.java
+++ b/core/java/android/os/ParcelableException.java

@@ -52,10 +52,12 @@
         final String msg = in.readString();
         try {
             final Class<?> clazz = Class.forName(name, true, Parcelable.class.getClassLoader());
-            return (Throwable) clazz.getConstructor(String.class).newInstance(msg);
+            if (Throwable.class.isAssignableFrom(clazz)) {
+                return (Throwable) clazz.getConstructor(String.class).newInstance(msg);
+            }
         } catch (ReflectiveOperationException e) {
-            throw new RuntimeException(name + ": " + msg);
         }
+        return new RuntimeException(name + ": " + msg);
     }
 
     /** {@hide} */
commit	87d242c279b3ae9f52ec3a3d2850f74a0250a886	[log] [tgz]
author	Jeff Sharkey <jsharkey@android.com>	Wed Sep 20 16:09:16 2017 -0600
committer	JP Sugarbroad <jpsugar@google.com>	Wed Nov 15 14:36:37 2017 -0800
tree	4534dd2adec185f017b8df7d95a0e5ea9e1a2006
parent	e72940be5fbb3b2ec620abf2471e29417d414ee1 [diff]