Class PossibleIncompleteSerialization

  • All Implemented Interfaces:
    edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities

    public class PossibleIncompleteSerialization
    extends java.lang.Object
    implements edu.umd.cs.findbugs.Detector
    Looks for classes that don't handle serialization of parent class member fields when the class in question is serializable but is derived from non-serializable classes.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private edu.umd.cs.findbugs.BugReporter bugReporter  
      static java.lang.String SIG_OBJECT_OUTPUT_STREAM_TO_VOID  
      static java.lang.String SIG_OBJECT_OUTPUT_TO_VOID  
      • Fields inherited from interface edu.umd.cs.findbugs.Priorities

        EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY
    • Constructor Summary

      Constructors 
      Constructor Description
      PossibleIncompleteSerialization(edu.umd.cs.findbugs.BugReporter bugReporter)
      constructs a PIS detector given the reporter to report bugs on
    • Method Summary

      Modifier and Type Method Description
      private static boolean hasSerializableFields(org.apache.bcel.classfile.JavaClass cls)
      looks for fields that are candidates for serialization
      private static boolean hasSerializingMethods(org.apache.bcel.classfile.JavaClass cls)
      looks to see if this class implements the methods described by Serializable or Externalizable
      private static boolean isSerializable(org.apache.bcel.classfile.JavaClass cls)
      returns whether the class implements Serializable or Externalizable
      void report()  
      java.lang.String toString()  
      void visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
      implements the visitor to look for classes that are serializable, are derived from non-serializable classes, and don't implement the methods in Externalizable or Serializable to save parent class fields.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Field Detail

      • SIG_OBJECT_OUTPUT_STREAM_TO_VOID

        public static final java.lang.String SIG_OBJECT_OUTPUT_STREAM_TO_VOID
      • SIG_OBJECT_OUTPUT_TO_VOID

        public static final java.lang.String SIG_OBJECT_OUTPUT_TO_VOID
      • bugReporter

        private final edu.umd.cs.findbugs.BugReporter bugReporter
    • Constructor Detail

      • PossibleIncompleteSerialization

        public PossibleIncompleteSerialization(edu.umd.cs.findbugs.BugReporter bugReporter)
        constructs a PIS detector given the reporter to report bugs on
        Parameters:
        bugReporter - the sink of bug reports
    • Method Detail

      • visitClassContext

        public void visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
        implements the visitor to look for classes that are serializable, are derived from non-serializable classes, and don't implement the methods in Externalizable or Serializable to save parent class fields.
        Specified by:
        visitClassContext in interface edu.umd.cs.findbugs.Detector
        Parameters:
        classContext - the context object of the currently parsed class
      • isSerializable

        private static boolean isSerializable(org.apache.bcel.classfile.JavaClass cls)
                                       throws java.lang.ClassNotFoundException
        returns whether the class implements Serializable or Externalizable
        Parameters:
        cls - the class to check for interfaces
        Returns:
        whether the class implements Serializable or Externalizable
        Throws:
        java.lang.ClassNotFoundException - if a super class or super interfaces can't be found
      • hasSerializableFields

        private static boolean hasSerializableFields(org.apache.bcel.classfile.JavaClass cls)
        looks for fields that are candidates for serialization
        Parameters:
        cls - the class to look for fields
        Returns:
        whether there is a field that looks like it should be serialized
      • hasSerializingMethods

        private static boolean hasSerializingMethods(org.apache.bcel.classfile.JavaClass cls)
        looks to see if this class implements the methods described by Serializable or Externalizable
        Parameters:
        cls - the class to examine for serializing methods
        Returns:
        whether the class handles its own serializing/externalizing
      • report

        public void report()
        Specified by:
        report in interface edu.umd.cs.findbugs.Detector
      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object
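
The class shape described in the class summary (a serializable class derived from a non-serializable parent that has fields), next to a form that saves the parent field itself. This is an added example, not code from the detector or its project; the class names Account, LossyAccount and CompleteAccount and the sample values are hypothetical.

```java
import java.io.*;

public class IncompleteSerializationDemo {
    // Non-serializable parent: default serialization skips its fields.
    static class Account {
        protected String owner;
        Account() { }   // run during deserialization; leaves owner at its default (null)
        Account(String owner) { this.owner = owner; }
    }

    // Serializable child with no writeObject/readObject: parent state is silently dropped.
    static class LossyAccount extends Account implements Serializable {
        private static final long serialVersionUID = 1L;
        int balance;
        LossyAccount(String owner, int balance) { super(owner); this.balance = balance; }
    }

    // Child that writes and restores the parent field alongside its own.
    static class CompleteAccount extends Account implements Serializable {
        private static final long serialVersionUID = 1L;
        int balance;
        CompleteAccount(String owner, int balance) { super(owner); this.balance = balance; }

        private void writeObject(ObjectOutputStream out) throws IOException {
            out.defaultWriteObject();   // child fields
            out.writeObject(owner);     // parent field, handled by hand
        }
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            owner = (String) in.readObject();
        }
    }

    // Serializes to an in-memory buffer and reads the object back.
    static <T> T roundTrip(T obj) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(obj); }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            @SuppressWarnings("unchecked") T copy = (T) in.readObject();
            return copy;
        }
    }

    public static void main(String[] args) throws Exception {
        LossyAccount lossy = roundTrip(new LossyAccount("alice", 10));          // constructed sample
        CompleteAccount complete = roundTrip(new CompleteAccount("alice", 10)); // constructed sample
        System.out.println("lossy:    owner=" + lossy.owner + " balance=" + lossy.balance);
        System.out.println("complete: owner=" + complete.owner + " balance=" + complete.balance);
    }
}
```

After the round trip the lossy object has a null owner while its balance survives, which matters when the parent holds identity or permission state that later checks rely on.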