A test creates a mock of class A, which contains a
blacklisted API
ProxyBuilder cannot see the blacklisted method, so
it does not create a proxy for that method (calling
getDeclaredMethods() on the class omits the blacklisted
methods).
The test now passes the mock of class A to another
system class, B.
B contains code that calls the blacklisted method,
and consequently calls through to the real implementation
of that blacklisted method.
The real implementation of the blacklisted method
accesses some field which has not been initialized and
therefore crashes.
Whitelisting ProxyBuilder to be able to call hidden
APIs will allow it to properly create proxies for those
methods and prevent this type of crash.
Consider the following scenario:
Whitelisting ProxyBuilder to be able to call hidden APIs will allow it to properly create proxies for those methods and prevent this type of crash.