Index: src/java/org/apache/commons/fileupload/disk/DiskFileItem.java
===================================================================
--- src/java/org/apache/commons/fileupload/disk/DiskFileItem.java (revision 1516371)
+++ src/java/org/apache/commons/fileupload/disk/DiskFileItem.java (working copy)
@@ -712,6 +712,26 @@
 // read values
 in.defaultReadObject();
 
+ /* One expected use of serialization is to migrate HTTP sessions
+ * containing a DiskFileItem between JVMs. Particularly if the JVMs are
+ * on different machines It is possible that the repository location is
+ * not valid so validate it.
+ */
+ if (repository != null) {
+ if (repository.isDirectory()) {
+ // Check path for nulls
+ if (repository.getPath().contains("\0")) {
+ throw new IOException("The repository [" +
+ repository.getPath() +
+"] contains a null character");
+ }
+ } else {
+ throw new IOException("The repository [" +
+ repository.getAbsolutePath() +
+ "] is not a directory");
+ }
+ }
+
 OutputStream output = getOutputStream();
 if (cachedContent != null) {
 output.write(cachedContent);
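Review bot: The null-character check is nested inside the `repository.isDirectory()` branch, so a deserialized path containing "\0" is handed to the filesystem before it is ever inspected; on JDKs that treat a NUL-containing `File` as invalid, `isDirectory()` will simply return false and the more specific "contains a null character" error becomes unreachable, which seems the opposite of what the comment intends. Since `repository` arrives from the untrusted stream via `in.defaultReadObject()`, the cheap string check should run first and the filesystem probe second: `if (repository.getPath().contains("\0")) { throw new IOException("The repository [" + repository.getPath() + "] contains a null character"); }` followed by `if (!repository.isDirectory()) { throw new IOException("The repository [" + repository.getAbsolutePath() + "] is not a directory"); }`. Note also that these checks run only when `repository` is non-null; the null case falls through to `getOutputStream()` as before, which is presumably intended (default temp directory) but worth stating in the comment. The enclosing `readObject` method begins before and ends after this hunk.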