Java Object Serialization Specification: Security in Object Serialization
Objects that implement the Externalizable interface must provide a public readExternal method. Because this method is public, it can be called at arbitrary times by anyone with access to the object. To prevent the object's internal state from being overwritten by multiple (illegal) calls to readExternal, implementors may choose to add checks to ensure that internal values are set only when appropriate:
    public synchronized void readExternal(ObjectInput in)
        throws IOException, ClassNotFoundException
    {
        if (! initialized) {
            initialized = true;
            // read in and set field values ...
        } else {
            throw new IllegalStateException();
        }
    }
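The guard above in a complete class, as an added example that is not part of the specification: the Account class, its fields and the demo class name are hypothetical. It also sets the flag in the ordinary constructor, so an object that was never deserialized rejects readExternal as well.

```java
import java.io.*;

public class GuardedExternalizableDemo {
    // Hypothetical class for illustration; not from the specification.
    public static class Account implements Externalizable {
        private String owner;
        private long balance;
        private boolean initialized;            // guard flag, never written to the stream

        public Account() { }                    // required by Externalizable; leaves guard unset
        public Account(String owner, long balance) {
            this.owner = owner;
            this.balance = balance;
            this.initialized = true;            // normally constructed objects reject readExternal
        }

        public synchronized long getBalance() { return balance; }
        public synchronized void writeExternal(ObjectOutput out) throws IOException {
            out.writeUTF(owner);
            out.writeLong(balance);
        }

        public synchronized void readExternal(ObjectInput in)
                throws IOException, ClassNotFoundException {
            if (initialized) throw new IllegalStateException("state already set");
            initialized = true;
            owner = in.readUTF();
            balance = in.readLong();
        }
    }

    public static void main(String[] args) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Account("alice", 100L));
        }
        Account acct;
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            acct = (Account) in.readObject();   // the one legitimate readExternal call
        }
        // Constructed input: a second stream from which a caller tries to reload the same object.
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            acct.readExternal(in);
            System.out.println("state overwritten");
        } catch (IllegalStateException e) {
            System.out.println("second readExternal rejected, balance still " + acct.getBalance());
        }
    }
}
```

As in the specification's snippet, the flag is set before any field is read, so a read that fails partway leaves the object locked rather than open to a retry.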
Copyright © 1997-1999 Sun Microsystems, Inc. All Rights Reserved.