From 8e151bf8999345399208d54663f103921ae5e1c6 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Wed, 20 Sep 2017 16:09:16 -0600
Subject: [PATCH] Only construct real Throwable objects.

Without this test, someone could trick us into constructing other
shady classes.

Test: builds, boots
Bug: 65281159
Change-Id: If678d0681708d1b0dcf056aa1133830ad3dbce31
---
 core/java/android/os/ParcelableException.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/core/java/android/os/ParcelableException.java b/core/java/android/os/ParcelableException.java
index d84d62997d939..7f71905d7f280 100644
--- a/core/java/android/os/ParcelableException.java
+++ b/core/java/android/os/ParcelableException.java
@@ -52,10 +52,12 @@ public final class ParcelableException extends RuntimeException implements Parce
         final String msg = in.readString();
         try {
             final Class<?> clazz = Class.forName(name, true, Parcelable.class.getClassLoader());
-            return (Throwable) clazz.getConstructor(String.class).newInstance(msg);
+            if (Throwable.class.isAssignableFrom(clazz)) {
+                return (Throwable) clazz.getConstructor(String.class).newInstance(msg);
+            }
         } catch (ReflectiveOperationException e) {
-            throw new RuntimeException(name + ": " + msg);
         }
+        return new RuntimeException(name + ": " + msg);
     }
 
     /** {@hide} */