One, lazy single case mode, to solve the reflection and deserialization of the vulnerability[Java] View Plain copy package com.iter.devbox.singleton; import java.io.objectstreamexception; import java.io.serializable; /** * loafers (How to prevent reflection and deserialization vulnerabilities) * @author Shearer * */ public class singletondemo6 implements serializable{ // class initialization, do not initialize this object (deferred loading, real time to create again) private static singletondemo6 instance; private singletondemo6 () { // prevent reflection from capturing multiple objects if (null != instance) { throw&Nbsp;new runtimeexception (); } } // Method synchronization, Low call efficiency public static synchronized SingletonDemo6 getinstance () { if (null == Instance) instance = new singletondemo6 (); return instance; } // Prevents deserialization of a vulnerability that obtains multiple objects. // Whether implementing the Serializable interface, or the Externalizable interface, when reading an object from the I/O stream, Readresolve () Method will be invoked to the. // actually replaces the object created in the deserialization process directly with the object returned in Readresolve (). &Nbsp; private object readresolve () throws ObjectStreamException { return instance; } } package com.iter.devbox.singleton; import java.io.fileinputstream; import java.io.fileoutputstream; import java.io.objectinputstream; import java.io.objectoutputstream; public class client2 { public Static void main (String[] args) throws Exception { singletondemo6 sc1 = singletondemo6.getinstance (); singletondemo6 sc2 = singletondemo6.getinstance (); &nbSp system.out.println (SC1);  // SC1,SC2 is the same object.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.