Files
codeql/java/ql/src/Likely Bugs/Serialization/NonSerializableFieldTooGeneral.java
2018-09-23 16:24:31 -07:00

30 lines
827 B
Java

class WrongPair<L, R> implements Serializable{
private final L left; // BAD
private final R right; // BAD: L and R are not guaranteed to be serializable
public WrongPair(L left, R right){ ... }
...
}
class Pair<L extends Serializable, R extends Serializable> implements Serializable{
private final L left; // GOOD: L and R must implement Serializable
private final R right;
public Pair(L left, R right){ ... }
...
}
class WrongEvent implements Serializable{
private Object eventData; // BAD: Type is too general.
public WrongEvent(Object eventData){ ... }
}
class Event implements Serializable{
private Serializable eventData; // GOOD: Force the user to supply only serializable data
public Event(Serializable eventData){ ... }
}