Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Testing if the finalize() method is called for objects created by deserialization
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.net.URL;
import java.net.HttpURLConnection;
/**
* Testing if the finalize() method is called for objects created by deserialization.
* 1 object is instantiated normally
* 1 object is deserialized
* 2 distinct URLs are opened when the finalize method is called.
*
* You can monitor Tomcat access log on another host:
* 192.168.1.2 - - [07/Apr/2016:11:26:09 -0700] "GET /constructed HTTP/1.1" 404 1005
* 192.168.1.2 - - [07/Apr/2016:11:26:09 -0700] "GET /serialized HTTP/1.1" 404 1003
*
* @author Pierre Ernst
*
*/
public class FinalizeTester {
private static class MyClass implements Serializable {
private static final long serialVersionUID = -1286918304474991144L;
private String url;
/**
* @param url
* monitor this URL to check if/when finalizer is called
*/
public MyClass(String url) {
this.url = url;
}
@Override
public void finalize() {
try {
((HttpURLConnection) new URL(this.url).openConnection()).getResponseCode();
} catch (IOException ex) {
// too late
}
}
}
private static byte[] serialize(Object o) throws IOException {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oos = new ObjectOutputStream(baos);
oos.writeObject(o);
oos.close();
baos.close();
return baos.toByteArray();
}
private static Object deserialize(byte[] buffer) throws IOException, ClassNotFoundException {
ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(buffer));
Object o = ois.readObject();
ois.close();
return o;
}
private static String prettyPrintBinary(byte[] buffer) {
StringBuffer output = new StringBuffer();
output.append("/* " + ((buffer == null) ? 0 : buffer.length) + " */ byte[] buffer = new byte[] {");
if (buffer != null) {
for (int i = 0; i < buffer.length; i++) {
if (i > 0) {
output.append(',');
if ((i % 10) == 0) {
// output.append('\n');
}
}
output.append("(byte)0x");
String hex = Integer.toString((0xFF & buffer[i]), 16).toUpperCase();
if (hex.length() == 1) {
output.append('0');
}
output.append(hex);
}
}
output.append("};");
return output.toString();
}
public static void main(String... args) {
try {
// uncomment to build your own stream
// System.out.println(prettyPrintBinary(serialize(new MyClass("http://192.168.2.122:666/serialized"))));
Object o1 = deserialize(new byte[] { (byte) 0xAC, (byte) 0xED, (byte) 0x00, (byte) 0x05, (byte) 0x73,
(byte) 0x72, (byte) 0x00, (byte) 0x30, (byte) 0x63, (byte) 0x6F, (byte) 0x6D, (byte) 0x2E,
(byte) 0x73, (byte) 0x61, (byte) 0x6C, (byte) 0x65, (byte) 0x73, (byte) 0x66, (byte) 0x6F,
(byte) 0x72, (byte) 0x63, (byte) 0x65, (byte) 0x2E, (byte) 0x74, (byte) 0x72, (byte) 0x75,
(byte) 0x73, (byte) 0x74, (byte) 0x2E, (byte) 0x73, (byte) 0x31, (byte) 0x31, (byte) 0x6E,
(byte) 0x2E, (byte) 0x46, (byte) 0x69, (byte) 0x6E, (byte) 0x61, (byte) 0x6C, (byte) 0x69,
(byte) 0x7A, (byte) 0x65, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65,
(byte) 0x72, (byte) 0x24, (byte) 0x4D, (byte) 0x79, (byte) 0x43, (byte) 0x6C, (byte) 0x61,
(byte) 0x73, (byte) 0x73, (byte) 0xEE, (byte) 0x23, (byte) 0xF2, (byte) 0x9E, (byte) 0xD6,
(byte) 0xD1, (byte) 0xF5, (byte) 0xD8, (byte) 0x02, (byte) 0x00, (byte) 0x01, (byte) 0x4C,
(byte) 0x00, (byte) 0x03, (byte) 0x75, (byte) 0x72, (byte) 0x6C, (byte) 0x74, (byte) 0x00,
(byte) 0x12, (byte) 0x4C, (byte) 0x6A, (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x2F,
(byte) 0x6C, (byte) 0x61, (byte) 0x6E, (byte) 0x67, (byte) 0x2F, (byte) 0x53, (byte) 0x74,
(byte) 0x72, (byte) 0x69, (byte) 0x6E, (byte) 0x67, (byte) 0x3B, (byte) 0x78, (byte) 0x70,
(byte) 0x74, (byte) 0x00, (byte) 0x25, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70,
(byte) 0x3A, (byte) 0x2F, (byte) 0x2F, (byte) 0x31, (byte) 0x39, (byte) 0x32, (byte) 0x2E,
(byte) 0x31, (byte) 0x36, (byte) 0x38, (byte) 0x2E, (byte) 0x31, (byte) 0x37, (byte) 0x2E,
(byte) 0x31, (byte) 0x32, (byte) 0x39, (byte) 0x3A, (byte) 0x38, (byte) 0x30, (byte) 0x37,
(byte) 0x34, (byte) 0x2F, (byte) 0x73, (byte) 0x65, (byte) 0x72, (byte) 0x69, (byte) 0x61,
(byte) 0x6C, (byte) 0x69, (byte) 0x7A, (byte) 0x65, (byte) 0x64 });
Object o2 = new MyClass("http://192.168.2.122:666/constructed");
System.out.println(o1);
System.out.println(o2);
o1 = null;
o2 = null;
System.gc();
System.out.println("Please press enter...");
System.in.read();
} catch (Exception ex) {
ex.printStackTrace(System.err);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.