| Methods Summary |
|---|
| private static boolean | auditSubclass(java.lang.Class subcl)Performs reflective checks on given subclass to verify that it doesn't
override security-sensitive non-final methods. Returns true if subclass
is "safe", false otherwise.
Boolean result = (Boolean) AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
for (Class cl = subcl;
cl != ObjectInputStream.class;
cl = cl.getSuperclass())
{
try {
cl.getDeclaredMethod("readUnshared", new Class[0]);
return Boolean.FALSE;
} catch (NoSuchMethodException ex) {
}
try {
cl.getDeclaredMethod("readFields", new Class[0]);
return Boolean.FALSE;
} catch (NoSuchMethodException ex) {
}
}
return Boolean.TRUE;
}
}
);
return result.booleanValue();
|
| public int | available()Returns the number of bytes that can be read without blocking.
return bin.available();
|
| private static native void | bytesToDoubles(byte[] src, int srcpos, double[] dst, int dstpos, int ndoubles)Converts specified span of bytes into double values.
|
| private static native void | bytesToFloats(byte[] src, int srcpos, float[] dst, int dstpos, int nfloats)Converts specified span of bytes into float values.
|
| private java.lang.Object | checkResolve(java.lang.Object obj)If resolveObject has been enabled and given object does not have an
exception associated with it, calls resolveObject to determine
replacement for object, and updates handle table accordingly. Returns
replacement object, or echoes provided object if no replacement
occurred. Expects that passHandle is set to given object's handle prior
to calling this method.
if (!enableResolve || handles.lookupException(passHandle) != null) {
return obj;
}
Object rep = resolveObject(obj);
if (rep != obj) {
handles.setObject(passHandle, rep);
}
return rep;
|
| private void | clear()Clears internal data structures.
handles.clear();
vlist.clear();
|
| public void | close()Closes the input stream. Must be called to release any resources
associated with the stream.
/*
* Even if stream already closed, propagate redundant close to
* underlying stream to stay consistent with previous implementations.
*/
closed = true;
if (depth == 0) {
clear();
}
bin.close();
|
| private void | defaultReadFields(java.lang.Object obj, java.io.ObjectStreamClass desc)Reads in values of serializable fields declared by given class
descriptor. If obj is non-null, sets field values in obj. Expects that
passHandle is set to obj's handle before this method is called.
// REMIND: is isInstance check necessary?
Class cl = desc.forClass();
if (cl != null && obj != null && !cl.isInstance(obj)) {
throw new ClassCastException();
}
int primDataSize = desc.getPrimDataSize();
if (primVals == null || primVals.length < primDataSize) {
primVals = new byte[primDataSize];
}
bin.readFully(primVals, 0, primDataSize, false);
if (obj != null) {
desc.setPrimFieldValues(obj, primVals);
}
int objHandle = passHandle;
ObjectStreamField[] fields = desc.getFields(false);
Object[] objVals = new Object[desc.getNumObjFields()];
int numPrimFields = fields.length - objVals.length;
for (int i = 0; i < objVals.length; i++) {
ObjectStreamField f = fields[numPrimFields + i];
objVals[i] = readObject0(f.isUnshared());
if (f.getField() != null) {
handles.markDependency(objHandle, passHandle);
}
}
if (obj != null) {
desc.setObjFieldValues(obj, objVals);
}
passHandle = objHandle;
|
| public void | defaultReadObject()Read the non-static and non-transient fields of the current class from
this stream. This may only be called from the readObject method of the
class being deserialized. It will throw the NotActiveException if it is
called otherwise.
if (curObj == null || curDesc == null) {
throw new NotActiveException("not in call to readObject");
}
bin.setBlockDataMode(false);
defaultReadFields(curObj, curDesc);
bin.setBlockDataMode(true);
if (!curDesc.hasWriteObjectData()) {
/*
* Fix for 4360508: since stream does not contain terminating
* TC_ENDBLOCKDATA tag, set flag so that reading code elsewhere
* knows to simulate end-of-custom-data behavior.
*/
defaultDataEnd = true;
}
ClassNotFoundException ex = handles.lookupException(passHandle);
if (ex != null) {
throw ex;
}
|
| protected boolean | enableResolveObject(boolean enable)Enable the stream to allow objects read from the stream to be replaced.
When enabled, the resolveObject method is called for every object being
deserialized.
If enable is true, and there is a security manager installed,
this method first calls the security manager's
checkPermission method with the
SerializablePermission("enableSubstitution") permission to
ensure it's ok to enable the stream to allow objects read from the
stream to be replaced.
if (enable == enableResolve) {
return enable;
}
if (enable) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SUBSTITUTION_PERMISSION);
}
}
enableResolve = enable;
return !enableResolve;
|
| private void | handleReset()If recursion depth is 0, clears internal data structures; otherwise,
throws a StreamCorruptedException. This method is called when a
TC_RESET typecode is encountered.
if (depth > 0) {
throw new StreamCorruptedException("unexpected reset");
}
clear();
|
| private static native java.lang.ClassLoader | latestUserDefinedLoader()Returns the first non-null class loader (not counting class loaders of
generated reflection implementation classes) up the execution stack, or
null if only code from the null class loader is on the stack. This
method is also called via reflection by the following RMI-IIOP class:
com.sun.corba.se.internal.util.JDKClassLoader
This method should not be removed or its signature changed without
corresponding modifications to the above class.
|
| public int | read()Reads a byte of data. This method will block if no input is available.
return bin.read();
|
| public int | read(byte[] buf, int off, int len)Reads into an array of bytes. This method will block until some input
is available. Consider using java.io.DataInputStream.readFully to read
exactly 'length' bytes.
if (buf == null) {
throw new NullPointerException();
}
int endoff = off + len;
if (off < 0 || len < 0 || endoff > buf.length || endoff < 0) {
throw new IndexOutOfBoundsException();
}
return bin.read(buf, off, len, false);
|
| private java.lang.Object | readArray(boolean unshared)Reads in and returns array object, or null if array class is
unresolvable. Sets passHandle to array's assigned handle.
if (bin.readByte() != TC_ARRAY) {
throw new StreamCorruptedException();
}
ObjectStreamClass desc = readClassDesc(false);
int len = bin.readInt();
Object array = null;
Class cl, ccl = null;
if ((cl = desc.forClass()) != null) {
ccl = cl.getComponentType();
array = Array.newInstance(ccl, len);
}
int arrayHandle = handles.assign(unshared ? unsharedMarker : array);
ClassNotFoundException resolveEx = desc.getResolveException();
if (resolveEx != null) {
handles.markException(arrayHandle, resolveEx);
}
if (ccl == null) {
for (int i = 0; i < len; i++) {
readObject0(false);
}
} else if (ccl.isPrimitive()) {
if (ccl == Integer.TYPE) {
bin.readInts((int[]) array, 0, len);
} else if (ccl == Byte.TYPE) {
bin.readFully((byte[]) array, 0, len, true);
} else if (ccl == Long.TYPE) {
bin.readLongs((long[]) array, 0, len);
} else if (ccl == Float.TYPE) {
bin.readFloats((float[]) array, 0, len);
} else if (ccl == Double.TYPE) {
bin.readDoubles((double[]) array, 0, len);
} else if (ccl == Short.TYPE) {
bin.readShorts((short[]) array, 0, len);
} else if (ccl == Character.TYPE) {
bin.readChars((char[]) array, 0, len);
} else if (ccl == Boolean.TYPE) {
bin.readBooleans((boolean[]) array, 0, len);
} else {
throw new InternalError();
}
} else {
Object[] oa = (Object[]) array;
for (int i = 0; i < len; i++) {
oa[i] = readObject0(false);
handles.markDependency(arrayHandle, passHandle);
}
}
handles.finish(arrayHandle);
passHandle = arrayHandle;
return array;
|
| public boolean | readBoolean()Reads in a boolean.
return bin.readBoolean();
|
| public byte | readByte()Reads an 8 bit byte.
return bin.readByte();
|
| public char | readChar()Reads a 16 bit char.
return bin.readChar();
|
| private java.lang.Class | readClass(boolean unshared)Reads in and returns class object. Sets passHandle to class object's
assigned handle. Returns null if class is unresolvable (in which case a
ClassNotFoundException will be associated with the class' handle in the
handle table).
if (bin.readByte() != TC_CLASS) {
throw new StreamCorruptedException();
}
ObjectStreamClass desc = readClassDesc(false);
Class cl = desc.forClass();
passHandle = handles.assign(unshared ? unsharedMarker : cl);
ClassNotFoundException resolveEx = desc.getResolveException();
if (resolveEx != null) {
handles.markException(passHandle, resolveEx);
}
handles.finish(passHandle);
return cl;
|
| private java.io.ObjectStreamClass | readClassDesc(boolean unshared)Reads in and returns (possibly null) class descriptor. Sets passHandle
to class descriptor's assigned handle. If class descriptor cannot be
resolved to a class in the local VM, a ClassNotFoundException is
associated with the class descriptor's handle.
switch (bin.peekByte()) {
case TC_NULL:
return (ObjectStreamClass) readNull();
case TC_REFERENCE:
return (ObjectStreamClass) readHandle(unshared);
case TC_PROXYCLASSDESC:
return readProxyDesc(unshared);
case TC_CLASSDESC:
return readNonProxyDesc(unshared);
default:
throw new StreamCorruptedException();
}
|
| protected java.io.ObjectStreamClass | readClassDescriptor()Read a class descriptor from the serialization stream. This method is
called when the ObjectInputStream expects a class descriptor as the next
item in the serialization stream. Subclasses of ObjectInputStream may
override this method to read in class descriptors that have been written
in non-standard formats (by subclasses of ObjectOutputStream which have
overridden the writeClassDescriptor method). By default,
this method reads class descriptors according to the format defined in
the Object Serialization specification.
ObjectStreamClass desc = new ObjectStreamClass();
desc.readNonProxy(this);
return desc;
|
| public double | readDouble()Reads a 64 bit double.
return bin.readDouble();
|
| private java.lang.Enum | readEnum(boolean unshared)Reads in and returns enum constant, or null if enum type is
unresolvable. Sets passHandle to enum constant's assigned handle.
if (bin.readByte() != TC_ENUM) {
throw new StreamCorruptedException();
}
ObjectStreamClass desc = readClassDesc(false);
if (!desc.isEnum()) {
throw new InvalidClassException("non-enum class: " + desc);
}
int enumHandle = handles.assign(unshared ? unsharedMarker : null);
ClassNotFoundException resolveEx = desc.getResolveException();
if (resolveEx != null) {
handles.markException(enumHandle, resolveEx);
}
String name = readString(false);
Enum en = null;
Class cl = desc.forClass();
if (cl != null) {
try {
en = Enum.valueOf(cl, name);
} catch (IllegalArgumentException ex) {
throw (IOException) new InvalidObjectException(
"enum constant " + name + " does not exist in " +
cl).initCause(ex);
}
if (!unshared) {
handles.setObject(enumHandle, en);
}
}
handles.finish(enumHandle);
passHandle = enumHandle;
return en;
|
| private void | readExternalData(java.io.Externalizable obj, java.io.ObjectStreamClass desc)If obj is non-null, reads externalizable data by invoking readExternal()
method of obj; otherwise, attempts to skip over externalizable data.
Expects that passHandle is set to obj's handle before this method is
called.
Object oldObj = curObj;
ObjectStreamClass oldDesc = curDesc;
GetFieldImpl oldGet = curGet;
curObj = obj;
curDesc = null;
curGet = null;
boolean blocked = desc.hasBlockExternalData();
if (blocked) {
bin.setBlockDataMode(true);
}
if (obj != null) {
try {
obj.readExternal(this);
} catch (ClassNotFoundException ex) {
/*
* In most cases, the handle table has already propagated a
* CNFException to passHandle at this point; this mark call is
* included to address cases where the readExternal method has
* cons'ed and thrown a new CNFException of its own.
*/
handles.markException(passHandle, ex);
}
}
if (blocked) {
skipCustomData();
}
/*
* At this point, if the externalizable data was not written in
* block-data form and either the externalizable class doesn't exist
* locally (i.e., obj == null) or readExternal() just threw a
* CNFException, then the stream is probably in an inconsistent state,
* since some (or all) of the externalizable data may not have been
* consumed. Since there's no "correct" action to take in this case,
* we mimic the behavior of past serialization implementations and
* blindly hope that the stream is in sync; if it isn't and additional
* externalizable data remains in the stream, a subsequent read will
* most likely throw a StreamCorruptedException.
*/
curObj = oldObj;
curDesc = oldDesc;
curGet = oldGet;
|
| private java.io.IOException | readFatalException()Reads in and returns IOException that caused serialization to abort.
All stream state is discarded prior to reading in fatal exception. Sets
passHandle to fatal exception's handle.
if (bin.readByte() != TC_EXCEPTION) {
throw new StreamCorruptedException();
}
clear();
return (IOException) readObject0(false);
|
| public java.io.ObjectInputStream$GetField | readFields()Reads the persistent fields from the stream and makes them available by
name.
if (curGet == null) {
if (curObj == null || curDesc == null) {
throw new NotActiveException("not in call to readObject");
}
curGet = new GetFieldImpl(curDesc);
}
bin.setBlockDataMode(false);
curGet.readFields();
bin.setBlockDataMode(true);
if (!curDesc.hasWriteObjectData()) {
/*
* Fix for 4360508: since stream does not contain terminating
* TC_ENDBLOCKDATA tag, set flag so that reading code elsewhere
* knows to simulate end-of-custom-data behavior.
*/
defaultDataEnd = true;
}
return curGet;
|
| public float | readFloat()Reads a 32 bit float.
return bin.readFloat();
|
| public void | readFully(byte[] buf)Reads bytes, blocking until all bytes are read.
bin.readFully(buf, 0, buf.length, false);
|
| public void | readFully(byte[] buf, int off, int len)Reads bytes, blocking until all bytes are read.
int endoff = off + len;
if (off < 0 || len < 0 || endoff > buf.length || endoff < 0) {
throw new IndexOutOfBoundsException();
}
bin.readFully(buf, off, len, false);
|
| private java.lang.Object | readHandle(boolean unshared)Reads in object handle, sets passHandle to the read handle, and returns
object associated with the handle.
if (bin.readByte() != TC_REFERENCE) {
throw new StreamCorruptedException();
}
passHandle = bin.readInt() - baseWireHandle;
if (passHandle < 0 || passHandle >= handles.size()) {
throw new StreamCorruptedException("illegal handle value");
}
if (unshared) {
// REMIND: what type of exception to throw here?
throw new InvalidObjectException(
"cannot read back reference as unshared");
}
Object obj = handles.lookupObject(passHandle);
if (obj == unsharedMarker) {
// REMIND: what type of exception to throw here?
throw new InvalidObjectException(
"cannot read back reference to unshared object");
}
return obj;
|
| public int | readInt()Reads a 32 bit int.
return bin.readInt();
|
| public java.lang.String | readLine()Reads in a line that has been terminated by a \n, \r, \r\n or EOF.
return bin.readLine();
|
| public long | readLong()Reads a 64 bit long.
return bin.readLong();
|
| private java.io.ObjectStreamClass | readNonProxyDesc(boolean unshared)Reads in and returns class descriptor for a class that is not a dynamic
proxy class. Sets passHandle to class descriptor's assigned handle. If
class descriptor cannot be resolved to a class in the local VM, a
ClassNotFoundException is associated with the descriptor's handle.
if (bin.readByte() != TC_CLASSDESC) {
throw new StreamCorruptedException();
}
ObjectStreamClass desc = new ObjectStreamClass();
int descHandle = handles.assign(unshared ? unsharedMarker : desc);
passHandle = NULL_HANDLE;
ObjectStreamClass readDesc = null;
try {
readDesc = readClassDescriptor();
} catch (ClassNotFoundException ex) {
throw (IOException) new InvalidClassException(
"failed to read class descriptor").initCause(ex);
}
Class cl = null;
ClassNotFoundException resolveEx = null;
bin.setBlockDataMode(true);
try {
if ((cl = resolveClass(readDesc)) == null) {
throw new ClassNotFoundException("null class");
}
} catch (ClassNotFoundException ex) {
resolveEx = ex;
}
skipCustomData();
desc.initNonProxy(readDesc, cl, resolveEx, readClassDesc(false));
handles.finish(descHandle);
passHandle = descHandle;
return desc;
|
| private java.lang.Object | readNull()Reads in null code, sets passHandle to NULL_HANDLE and returns null.
if (bin.readByte() != TC_NULL) {
throw new StreamCorruptedException();
}
passHandle = NULL_HANDLE;
return null;
|
| public final java.lang.Object | readObject()Read an object from the ObjectInputStream. The class of the object, the
signature of the class, and the values of the non-transient and
non-static fields of the class and all of its supertypes are read.
Default deserializing for a class can be overriden using the writeObject
and readObject methods. Objects referenced by this object are read
transitively so that a complete equivalent graph of objects is
reconstructed by readObject.
The root object is completely restored when all of its fields and the
objects it references are completely restored. At this point the object
validation callbacks are executed in order based on their registered
priorities. The callbacks are registered by objects (in the readObject
special methods) as they are individually restored.
Exceptions are thrown for problems with the InputStream and for
classes that should not be deserialized. All exceptions are fatal to
the InputStream and leave it in an indeterminate state; it is up to the
caller to ignore or recover the stream state.
if (enableOverride) {
return readObjectOverride();
}
// if nested read, passHandle contains handle of enclosing object
int outerHandle = passHandle;
try {
Object obj = readObject0(false);
handles.markDependency(outerHandle, passHandle);
ClassNotFoundException ex = handles.lookupException(passHandle);
if (ex != null) {
throw ex;
}
if (depth == 0) {
vlist.doCallbacks();
}
return obj;
} finally {
passHandle = outerHandle;
if (closed && depth == 0) {
clear();
}
}
|
| private java.lang.Object | readObject0(boolean unshared)Underlying readObject implementation.
boolean oldMode = bin.getBlockDataMode();
if (oldMode) {
int remain = bin.currentBlockRemaining();
if (remain > 0) {
throw new OptionalDataException(remain);
} else if (defaultDataEnd) {
/*
* Fix for 4360508: stream is currently at the end of a field
* value block written via default serialization; since there
* is no terminating TC_ENDBLOCKDATA tag, simulate
* end-of-custom-data behavior explicitly.
*/
throw new OptionalDataException(true);
}
bin.setBlockDataMode(false);
}
byte tc;
while ((tc = bin.peekByte()) == TC_RESET) {
bin.readByte();
handleReset();
}
depth++;
try {
switch (tc) {
case TC_NULL:
return readNull();
case TC_REFERENCE:
return readHandle(unshared);
case TC_CLASS:
return readClass(unshared);
case TC_CLASSDESC:
case TC_PROXYCLASSDESC:
return readClassDesc(unshared);
case TC_STRING:
case TC_LONGSTRING:
return checkResolve(readString(unshared));
case TC_ARRAY:
return checkResolve(readArray(unshared));
case TC_ENUM:
return checkResolve(readEnum(unshared));
case TC_OBJECT:
return checkResolve(readOrdinaryObject(unshared));
case TC_EXCEPTION:
IOException ex = readFatalException();
throw new WriteAbortedException("writing aborted", ex);
case TC_BLOCKDATA:
case TC_BLOCKDATALONG:
if (oldMode) {
bin.setBlockDataMode(true);
bin.peek(); // force header read
throw new OptionalDataException(
bin.currentBlockRemaining());
} else {
throw new StreamCorruptedException(
"unexpected block data");
}
case TC_ENDBLOCKDATA:
if (oldMode) {
throw new OptionalDataException(true);
} else {
throw new StreamCorruptedException(
"unexpected end of block data");
}
default:
throw new StreamCorruptedException();
}
} finally {
depth--;
bin.setBlockDataMode(oldMode);
}
|
| protected java.lang.Object | readObjectOverride()This method is called by trusted subclasses of ObjectOutputStream that
constructed ObjectOutputStream using the protected no-arg constructor.
The subclass is expected to provide an override method with the modifier
"final".
return null;
|
| private java.lang.Object | readOrdinaryObject(boolean unshared)Reads and returns "ordinary" (i.e., not a String, Class,
ObjectStreamClass, array, or enum constant) object, or null if object's
class is unresolvable (in which case a ClassNotFoundException will be
associated with object's handle). Sets passHandle to object's assigned
handle.
if (bin.readByte() != TC_OBJECT) {
throw new StreamCorruptedException();
}
ObjectStreamClass desc = readClassDesc(false);
desc.checkDeserialize();
Object obj;
try {
obj = desc.isInstantiable() ? desc.newInstance() : null;
} catch (Exception ex) {
throw new InvalidClassException(
desc.forClass().getName(), "unable to create instance");
}
passHandle = handles.assign(unshared ? unsharedMarker : obj);
ClassNotFoundException resolveEx = desc.getResolveException();
if (resolveEx != null) {
handles.markException(passHandle, resolveEx);
}
if (desc.isExternalizable()) {
readExternalData((Externalizable) obj, desc);
} else {
readSerialData(obj, desc);
}
handles.finish(passHandle);
if (obj != null &&
handles.lookupException(passHandle) == null &&
desc.hasReadResolveMethod())
{
Object rep = desc.invokeReadResolve(obj);
if (rep != obj) {
handles.setObject(passHandle, obj = rep);
}
}
return obj;
|
| private java.io.ObjectStreamClass | readProxyDesc(boolean unshared)Reads in and returns class descriptor for a dynamic proxy class. Sets
passHandle to proxy class descriptor's assigned handle. If proxy class
descriptor cannot be resolved to a class in the local VM, a
ClassNotFoundException is associated with the descriptor's handle.
if (bin.readByte() != TC_PROXYCLASSDESC) {
throw new StreamCorruptedException();
}
ObjectStreamClass desc = new ObjectStreamClass();
int descHandle = handles.assign(unshared ? unsharedMarker : desc);
passHandle = NULL_HANDLE;
int numIfaces = bin.readInt();
String[] ifaces = new String[numIfaces];
for (int i = 0; i < numIfaces; i++) {
ifaces[i] = bin.readUTF();
}
Class cl = null;
ClassNotFoundException resolveEx = null;
bin.setBlockDataMode(true);
try {
if ((cl = resolveProxyClass(ifaces)) == null) {
throw new ClassNotFoundException("null class");
}
} catch (ClassNotFoundException ex) {
resolveEx = ex;
}
skipCustomData();
desc.initProxy(cl, resolveEx, readClassDesc(false));
handles.finish(descHandle);
passHandle = descHandle;
return desc;
|
| private void | readSerialData(java.lang.Object obj, java.io.ObjectStreamClass desc)Reads (or attempts to skip, if obj is null or is tagged with a
ClassNotFoundException) instance data for each serializable class of
object in stream, from superclass to subclass. Expects that passHandle
is set to obj's handle before this method is called.
ObjectStreamClass.ClassDataSlot[] slots = desc.getClassDataLayout();
for (int i = 0; i < slots.length; i++) {
ObjectStreamClass slotDesc = slots[i].desc;
if (slots[i].hasData) {
if (obj != null &&
slotDesc.hasReadObjectMethod() &&
handles.lookupException(passHandle) == null)
{
Object oldObj = curObj;
ObjectStreamClass oldDesc = curDesc;
GetFieldImpl oldGet = curGet;
curObj = obj;
curDesc = slotDesc;
curGet = null;
bin.setBlockDataMode(true);
try {
slotDesc.invokeReadObject(obj, this);
} catch (ClassNotFoundException ex) {
/*
* In most cases, the handle table has already
* propagated a CNFException to passHandle at this
* point; this mark call is included to address cases
* where the custom readObject method has cons'ed and
* thrown a new CNFException of its own.
*/
handles.markException(passHandle, ex);
}
curObj = oldObj;
curDesc = oldDesc;
curGet = oldGet;
/*
* defaultDataEnd may have been set indirectly by custom
* readObject() method when calling defaultReadObject() or
* readFields(); clear it to restore normal read behavior.
*/
defaultDataEnd = false;
} else {
defaultReadFields(obj, slotDesc);
}
if (slotDesc.hasWriteObjectData()) {
skipCustomData();
} else {
bin.setBlockDataMode(false);
}
} else {
if (obj != null &&
slotDesc.hasReadObjectNoDataMethod() &&
handles.lookupException(passHandle) == null)
{
slotDesc.invokeReadObjectNoData(obj);
}
}
}
|
| public short | readShort()Reads a 16 bit short.
return bin.readShort();
|
| protected void | readStreamHeader()The readStreamHeader method is provided to allow subclasses to read and
verify their own stream headers. It reads and verifies the magic number
and version number.
if (bin.readShort() != STREAM_MAGIC ||
bin.readShort() != STREAM_VERSION)
{
throw new StreamCorruptedException("invalid stream header");
}
|
| private java.lang.String | readString(boolean unshared)Reads in and returns new string. Sets passHandle to new string's
assigned handle.
String str;
switch (bin.readByte()) {
case TC_STRING:
str = bin.readUTF();
break;
case TC_LONGSTRING:
str = bin.readLongUTF();
break;
default:
throw new StreamCorruptedException();
}
passHandle = handles.assign(unshared ? unsharedMarker : str);
handles.finish(passHandle);
return str;
|
| java.lang.String | readTypeString()Reads string without allowing it to be replaced in stream. Called from
within ObjectStreamClass.read().
int oldHandle = passHandle;
try {
switch (bin.peekByte()) {
case TC_NULL:
return (String) readNull();
case TC_REFERENCE:
return (String) readHandle(false);
case TC_STRING:
case TC_LONGSTRING:
return readString(false);
default:
throw new StreamCorruptedException();
}
} finally {
passHandle = oldHandle;
}
|
| public java.lang.String | readUTF()Reads a String in
modified UTF-8
format.
return bin.readUTF();
|
| public java.lang.Object | readUnshared()Reads an "unshared" object from the ObjectInputStream. This method is
identical to readObject, except that it prevents subsequent calls to
readObject and readUnshared from returning additional references to the
deserialized instance obtained via this call. Specifically:
- If readUnshared is called to deserialize a back-reference (the
stream representation of an object which has been written
previously to the stream), an ObjectStreamException will be
thrown.
- If readUnshared returns successfully, then any subsequent attempts
to deserialize back-references to the stream handle deserialized
by readUnshared will cause an ObjectStreamException to be thrown.
Deserializing an object via readUnshared invalidates the stream handle
associated with the returned object. Note that this in itself does not
always guarantee that the reference returned by readUnshared is unique;
the deserialized object may define a readResolve method which returns an
object visible to other parties, or readUnshared may return a Class
object or enum constant obtainable elsewhere in the stream or through
external means.
However, for objects which are not enum constants or instances of
java.lang.Class and do not define readResolve methods, readUnshared
guarantees that the returned object reference is unique and cannot be
obtained a second time from the ObjectInputStream that created it, even
if the underlying data stream has been manipulated. This guarantee
applies only to the base-level object returned by readUnshared, and not
to any transitively referenced sub-objects in the returned object graph.
ObjectInputStream subclasses which override this method can only be
constructed in security contexts possessing the
"enableSubclassImplementation" SerializablePermission; any attempt to
instantiate such a subclass without this permission will cause a
SecurityException to be thrown.
// if nested read, passHandle contains handle of enclosing object
int outerHandle = passHandle;
try {
Object obj = readObject0(true);
handles.markDependency(outerHandle, passHandle);
ClassNotFoundException ex = handles.lookupException(passHandle);
if (ex != null) {
throw ex;
}
if (depth == 0) {
vlist.doCallbacks();
}
return obj;
} finally {
passHandle = outerHandle;
if (closed && depth == 0) {
clear();
}
}
|
| public int | readUnsignedByte()Reads an unsigned 8 bit byte.
return bin.readUnsignedByte();
|
| public int | readUnsignedShort()Reads an unsigned 16 bit short.
return bin.readUnsignedShort();
|
| public void | registerValidation(java.io.ObjectInputValidation obj, int prio)Register an object to be validated before the graph is returned. While
similar to resolveObject these validations are called after the entire
graph has been reconstituted. Typically, a readObject method will
register the object with the stream so that when all of the objects are
restored a final set of validations can be performed.
if (depth == 0) {
throw new NotActiveException("stream inactive");
}
vlist.register(obj, prio);
|
| protected java.lang.Class | resolveClass(java.io.ObjectStreamClass desc)Load the local class equivalent of the specified stream class
description. Subclasses may implement this method to allow classes to
be fetched from an alternate source.
The corresponding method in ObjectOutputStream is
annotateClass. This method will be invoked only once for
each unique class in the stream. This method can be implemented by
subclasses to use an alternate loading mechanism but must return a
Class object. Once returned, the serialVersionUID of the
class is compared to the serialVersionUID of the serialized class. If
there is a mismatch, the deserialization fails and an exception is
raised.
By default the class name is resolved relative to the class that
called readObject.
String name = desc.getName();
try {
return Class.forName(name, false, latestUserDefinedLoader());
} catch (ClassNotFoundException ex) {
Class cl = (Class) primClasses.get(name);
if (cl != null) {
return cl;
} else {
throw ex;
}
}
|
| protected java.lang.Object | resolveObject(java.lang.Object obj)This method will allow trusted subclasses of ObjectInputStream to
substitute one object for another during deserialization. Replacing
objects is disabled until enableResolveObject is called. The
enableResolveObject method checks that the stream requesting to resolve
object can be trusted. Every reference to serializable objects is passed
to resolveObject. To insure that the private state of objects is not
unintentionally exposed only trusted streams may use resolveObject.
This method is called after an object has been read but before it is
returned from readObject. The default resolveObject method just returns
the same object.
When a subclass is replacing objects it must insure that the
substituted object is compatible with every field where the reference
will be stored. Objects whose type is not a subclass of the type of the
field or array element abort the serialization by raising an exception
and the object is not be stored.
This method is called only once when each object is first
encountered. All subsequent references to the object will be redirected
to the new object.
return obj;
|
| protected java.lang.Class | resolveProxyClass(java.lang.String[] interfaces)Returns a proxy class that implements the interfaces named in a proxy
class descriptor; subclasses may implement this method to read custom
data from the stream along with the descriptors for dynamic proxy
classes, allowing them to use an alternate loading mechanism for the
interfaces and the proxy class.
This method is called exactly once for each unique proxy class
descriptor in the stream.
The corresponding method in ObjectOutputStream is
annotateProxyClass. For a given subclass of
ObjectInputStream that overrides this method, the
annotateProxyClass method in the corresponding subclass of
ObjectOutputStream must write any data or objects read by
this method.
The default implementation of this method in
ObjectInputStream returns the result of calling
Proxy.getProxyClass with the list of Class
objects for the interfaces that are named in the interfaces
parameter. The Class object for each interface name
i is the value returned by calling
Class.forName(i, false, loader)
where loader is that of the first non-null
class loader up the execution stack, or null if no
non-null class loaders are on the stack (the same class
loader choice used by the resolveClass method). Unless any
of the resolved interfaces are non-public, this same value of
loader is also the class loader passed to
Proxy.getProxyClass; if non-public interfaces are present,
their class loader is passed instead (if more than one non-public
interface class loader is encountered, an
IllegalAccessError is thrown).
If Proxy.getProxyClass throws an
IllegalArgumentException, resolveProxyClass
will throw a ClassNotFoundException containing the
IllegalArgumentException.
ClassLoader latestLoader = latestUserDefinedLoader();
ClassLoader nonPublicLoader = null;
boolean hasNonPublicInterface = false;
// define proxy in class loader of non-public interface(s), if any
Class[] classObjs = new Class[interfaces.length];
for (int i = 0; i < interfaces.length; i++) {
Class cl = Class.forName(interfaces[i], false, latestLoader);
if ((cl.getModifiers() & Modifier.PUBLIC) == 0) {
if (hasNonPublicInterface) {
if (nonPublicLoader != cl.getClassLoader()) {
throw new IllegalAccessError(
"conflicting non-public interface class loaders");
}
} else {
nonPublicLoader = cl.getClassLoader();
hasNonPublicInterface = true;
}
}
classObjs[i] = cl;
}
try {
return Proxy.getProxyClass(
hasNonPublicInterface ? nonPublicLoader : latestLoader,
classObjs);
} catch (IllegalArgumentException e) {
throw new ClassNotFoundException(null, e);
}
|
| public int | skipBytes(int len)Skips bytes, block until all bytes are skipped.
return bin.skipBytes(len);
|
| private void | skipCustomData()Skips over all block data and objects until TC_ENDBLOCKDATA is
encountered.
int oldHandle = passHandle;
for (;;) {
if (bin.getBlockDataMode()) {
bin.skipBlockData();
bin.setBlockDataMode(false);
}
switch (bin.peekByte()) {
case TC_BLOCKDATA:
case TC_BLOCKDATALONG:
bin.setBlockDataMode(true);
break;
case TC_ENDBLOCKDATA:
bin.readByte();
passHandle = oldHandle;
return;
default:
readObject0(false);
break;
}
}
|
| private void | verifySubclass()Verifies that this (possibly subclass) instance can be constructed
without violating security constraints: the subclass must not override
security-sensitive non-final methods, or else the
"enableSubclassImplementation" SerializablePermission is checked.
Class cl = getClass();
synchronized (subclassAudits) {
Boolean result = (Boolean) subclassAudits.get(cl);
if (result == null) {
/*
* Note: only new Boolean instances (i.e., not Boolean.TRUE or
* Boolean.FALSE) must be used as cache values, otherwise cache
* entry will pin associated class.
*/
result = new Boolean(auditSubclass(cl));
subclassAudits.put(cl, result);
}
if (result.booleanValue()) {
return;
}
}
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SUBCLASS_IMPLEMENTATION_PERMISSION);
}
|
