...
```java
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamField;
import java.io.Serializable;

class WeaponStore implements Serializable {
  int noOfWeapons = 10; // Total number of weapons
}

public class GameWeapon implements Serializable {
  WeaponStore ws = new WeaponStore();

  // Declares the serialized form explicitly: a single field named "ws"
  private static final ObjectStreamField[] serialPersistentFields
      = {new ObjectStreamField("ws", WeaponStore.class)};

  private void readObject(ObjectInputStream ois) throws IOException {
    try {
      ObjectInputStream.GetField gf = ois.readFields();
      // Second argument is the default used when the stream has no "ws" value
      this.ws = (WeaponStore) gf.get("ws", ws);
    } catch (ClassNotFoundException e) { /* Forward to handler */ }
  }

  private void writeObject(ObjectOutputStream oos) throws IOException {
    ObjectOutputStream.PutField pf = oos.putFields();
    pf.put("ws", ws);
    oos.writeFields();
  }

  public String toString() {
    return String.valueOf(ws);
  }
}
```
...
- [API 06]
- [Sun 06] "Serialization specification", "1.5 Defining Serializable Fields for a Class" and "1.7 Accessing Serializable Fields of a Class"
- [Bloch 08] Item 74: "Implement serialization judiciously"
- [Harold 06] 13.7.5. serialPersistentFields
- [MITRE 09] CWE ID 589 (http://cwe.mitre.org/data/definitions/589.html) "Call to Non-ubiquitous API"
...