...
```java
public void readExternal(ObjectInput in)
    throws IOException, ClassNotFoundException {
  // Read instance fields
  this.name = (String)in.readObject();
  this.UID = in.readInt();
  //...
}
```
...
This compliant solution protects against multiple initialization through the use of a Boolean flag that is set after the instance fields have been populated. It also protects against race conditions by synchronizing on a private lock object (see rule LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code).
```java
private final Object lock = new Object();
private boolean initialized = false;

public void readExternal(ObjectInput in)
    throws IOException, ClassNotFoundException {
  synchronized (lock) {
    if (!initialized) {
      // Read instance fields
      this.name = (String)in.readObject();
      this.UID = in.readInt();
      //...
      initialized = true;
    } else {
      throw new IllegalStateException();
    }
  }
}
```
Note that this compliant solution is inadequate to protect sensitive data.
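The following added example (not code from this page) exercises the guard on a live object: the first `readExternal()` call populates the fields and the second is refused, leaving the state unchanged. The `Account` class, the `fields()` helper, and the choice to mark normally constructed objects as initialized are assumptions made for illustration.

```java
import java.io.*;

public class ExternalizableGuardDemo {
    // Hypothetical class for this example; field names follow the page's snippet.
    public static class Account implements Externalizable {
        private final Object lock = new Object();
        private boolean initialized = false;
        private String name;
        private int UID;

        public Account() {}  // public no-arg constructor required by Externalizable
        public Account(String name, int UID) {  // assumption: normal construction counts as initialized
            this.name = name; this.UID = UID; this.initialized = true;
        }
        @Override public void writeExternal(ObjectOutput out) throws IOException {
            out.writeObject(name);
            out.writeInt(UID);
        }
        @Override public void readExternal(ObjectInput in)
                throws IOException, ClassNotFoundException {
            synchronized (lock) {
                if (initialized) throw new IllegalStateException("already initialized");
                name = (String) in.readObject();
                UID = in.readInt();
                initialized = true;
            }
        }
        @Override public String toString() { return name + "/" + UID; }
    }

    // Hypothetical helper: encodes an account's fields and returns a stream over them.
    static ObjectInput fields(Account a) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { a.writeExternal(out); }
        return new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()));
    }

    public static void main(String[] args) throws Exception {
        Account acct = new Account();
        acct.readExternal(fields(new Account("alice", 1001)));  // constructed sample data
        System.out.println("after first read: " + acct);
        try {
            acct.readExternal(fields(new Account("other", 0)));  // second call on the same object
            System.out.println("state replaced: " + acct);
        } catch (IllegalStateException e) {
            System.out.println("second read rejected, state still " + acct);
        }
    }
}
```

Removing the `initialized` check from `readExternal()` reproduces the behavior of the unguarded version: the second call silently replaces `name` and `UID`.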
...
...