View Javadoc
1   /*
2    * Copyright 2012 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.codec.serialization;
17  
18  import io.netty.buffer.ByteBuf;
19  import io.netty.buffer.ByteBufOutputStream;
20  import io.netty.buffer.Unpooled;
21  import io.netty.util.internal.ObjectUtil;
22  
23  import java.io.DataOutputStream;
24  import java.io.IOException;
25  import java.io.ObjectOutput;
26  import java.io.ObjectOutputStream;
27  import java.io.OutputStream;
28  
29  /**
30   * An {@link ObjectOutput} which is interoperable with {@link ObjectDecoder}
31   * and {@link ObjectDecoderInputStream}.
32   * <p>
33   * <strong>Security:</strong> serialization can be a security liability,
34   * and should not be used without defining a list of classes that are
35   * allowed to be desirialized. Such a list can be specified with the
36   * <tt>jdk.serialFilter</tt> system property, for instance.
37   * See the <a href="https://docs.oracle.com/en/java/javase/17/core/serialization-filtering1.html">
38   * serialization filtering</a> article for more information.
39   *
40   * @deprecated This class has been deprecated with no replacement,
41   * because serialization can be a security liability
42   */
43  @Deprecated
44  public class ObjectEncoderOutputStream extends OutputStream implements
45          ObjectOutput {
46  
47      private final DataOutputStream out;
48      private final int estimatedLength;
49  
50      /**
51       * Creates a new {@link ObjectOutput} with the estimated length of 512
52       * bytes.
53       *
54       * @param out
55       *        the {@link OutputStream} where the serialized form will be
56       *        written out
57       */
58      public ObjectEncoderOutputStream(OutputStream out) {
59          this(out, 512);
60      }
61  
62      /**
63       * Creates a new {@link ObjectOutput}.
64       *
65       * @param out
66       *        the {@link OutputStream} where the serialized form will be
67       *        written out
68       *
69       * @param estimatedLength
70       *        the estimated byte length of the serialized form of an object.
71       *        If the length of the serialized form exceeds this value, the
72       *        internal buffer will be expanded automatically at the cost of
73       *        memory bandwidth.  If this value is too big, it will also waste
74       *        memory bandwidth.  To avoid unnecessary memory copy or allocation
75       *        cost, please specify the properly estimated value.
76       */
77      public ObjectEncoderOutputStream(OutputStream out, int estimatedLength) {
78          ObjectUtil.checkNotNull(out, "out");
79          ObjectUtil.checkPositiveOrZero(estimatedLength, "estimatedLength");
80  
81          if (out instanceof DataOutputStream) {
82              this.out = (DataOutputStream) out;
83          } else {
84              this.out = new DataOutputStream(out);
85          }
86          this.estimatedLength = estimatedLength;
87      }
88  
89      @Override
90      public void writeObject(Object obj) throws IOException {
91          ByteBuf buf = Unpooled.buffer(estimatedLength);
92          try {
93              // Suppress a warning about resource leak since oout is closed below
94              ObjectOutputStream oout = new CompactObjectOutputStream(
95                      new ByteBufOutputStream(buf));
96              try {
97                  oout.writeObject(obj);
98                  oout.flush();
99              } finally {
100                 oout.close();
101             }
102 
103             int objectSize = buf.readableBytes();
104             writeInt(objectSize);
105             buf.getBytes(0, this, objectSize);
106         } finally {
107             buf.release();
108         }
109     }
110 
111     @Override
112     public void write(int b) throws IOException {
113         out.write(b);
114     }
115 
116     @Override
117     public void close() throws IOException {
118         out.close();
119     }
120 
121     @Override
122     public void flush() throws IOException {
123         out.flush();
124     }
125 
126     public final int size() {
127         return out.size();
128     }
129 
130     @Override
131     public void write(byte[] b, int off, int len) throws IOException {
132         out.write(b, off, len);
133     }
134 
135     @Override
136     public void write(byte[] b) throws IOException {
137         out.write(b);
138     }
139 
140     @Override
141     public final void writeBoolean(boolean v) throws IOException {
142         out.writeBoolean(v);
143     }
144 
145     @Override
146     public final void writeByte(int v) throws IOException {
147         out.writeByte(v);
148     }
149 
150     @Override
151     public final void writeBytes(String s) throws IOException {
152         out.writeBytes(s);
153     }
154 
155     @Override
156     public final void writeChar(int v) throws IOException {
157         out.writeChar(v);
158     }
159 
160     @Override
161     public final void writeChars(String s) throws IOException {
162         out.writeChars(s);
163     }
164 
165     @Override
166     public final void writeDouble(double v) throws IOException {
167         out.writeDouble(v);
168     }
169 
170     @Override
171     public final void writeFloat(float v) throws IOException {
172         out.writeFloat(v);
173     }
174 
175     @Override
176     public final void writeInt(int v) throws IOException {
177         out.writeInt(v);
178     }
179 
180     @Override
181     public final void writeLong(long v) throws IOException {
182         out.writeLong(v);
183     }
184 
185     @Override
186     public final void writeShort(int v) throws IOException {
187         out.writeShort(v);
188     }
189 
190     @Override
191     public final void writeUTF(String str) throws IOException {
192         out.writeUTF(str);
193     }
194 }