Package org.mariuszgromada.math.mxparser

Class SerializationUtils

    • Constructor Detail

      • SerializationUtils

        public SerializationUtils()

    • Method Detail

      • enableBinarySerializationIamAwareOfSecurityRisks

        public static void enableBinarySerializationIamAwareOfSecurityRisks()
        Enables binary serialization done by the SerializationUtils. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.

      • disableBinarySerialization

        public static void disableBinarySerialization()
        Disables binary serialization done by the SerializationUtils. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.

      • isBinarySerializationEnabled

        public static boolean isBinarySerializationEnabled()
        Returns whether binary serialization done by SerializationUtils is enabled by. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Returns:
        True if enabled, false if disabled.

      • checkLastOperationWasSuccessful

        public static boolean checkLastOperationWasSuccessful()
        Information whether the last ordered operation under any serialization or deserialization method was correctly performed. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Returns:
        true if the operation was performed correctly, otherwise false.

      • getLastOperationMessage

        public static String getLastOperationMessage()
        Text information about the last operation performed by any serialization or deserialization method. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Returns:
        The content of the error in case of failure, information about the operation performed in case of success.

      • serializeToBytes

        public static byte[] serializeToBytes​(Serializable objectToSerialize)
        Serialization of an object to byte data. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Parameters:
        objectToSerialize - The object for which serialization is possible.
        Returns:
        The data object if the operation was successful, otherwise it returns null.
        See Also:
        getLastOperationMessage(), checkLastOperationWasSuccessful()

      • serializeToString

        public static String serializeToString​(Serializable objectToSerialize)
        Serialization of an object to String data. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Parameters:
        objectToSerialize - The object for which serialization is possible.
        Returns:
        The data string if the operation was successful, otherwise it returns null.
        See Also:
        getLastOperationMessage(), checkLastOperationWasSuccessful()

      • serializeToFile

        public static boolean serializeToFile​(Serializable objectToSerialize,
                                      String filePath)
        Serialization of an object to a file. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Parameters:
        objectToSerialize - The object for which serialization is possible.
        filePath - File path
        Returns:
        true if the operation was successful, otherwise it returns false.
        See Also:
        getLastOperationMessage(), checkLastOperationWasSuccessful()

      • deserializeFromBytes

        public static <T> T deserializeFromBytes​(byte[] data)
        Deserializes an object from byte data. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Type Parameters:
        T - Resulting class type.
        Parameters:
        data - Data object.
        Returns:
        The deserialized object if operation was successful, otherwise it returns null.

      • deserializeFromString

        public static <T> T deserializeFromString​(String data)
        Deserializes an object from string data. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Type Parameters:
        T - Resulting class type.
        Parameters:
        data - Data object.
        Returns:
        The deserialized object if operation was successful, otherwise it returns null.

      • deserializeFromFile

        public static <T> T deserializeFromFile​(String filePath)
        Deserializes an object from byte data. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Type Parameters:
        T - Resulting class type.
        Parameters:
        filePath - File path.
        Returns:
        The deserialized object if operation was successful, otherwise it returns null.

      • getSerialVersionUID

        public static long getSerialVersionUID​(int classId)
        Unique serialization UID based on library version and class id. Important - using binary serialization you confirm that you understand the security risks. WARNING: Deserializing data from an untrusted source can introduce security vulnerabilities to your application. Depending on the settings used during deserialization, untrusted data may be able to execute arbitrary code or cause a denial of service attack. Untrusted data can come from over the network from an untrusted source (e.g. any network client), or it can be manipulated/tampered by an intermediary while in transit over an unauthenticated connection, or from local storage where it may have been compromised/tampered, or from many other sources. MathParser.org-mXparser does not provide any means to authenticate data or secure it from tampering. Use an appropriate data authentication method before deserializing. Be very mindful of these attack scenarios; many projects and companies and users of serialization libraries in general have been bitten by untrusted deserialization of user data in the past.
        Parameters:
        classId - Class id
        Returns:
        The digits from the right 0 the first two digits are the class id, the digits 3 and 4 are the parser version in the PATCH range, the digits 5 and 6 are the parser version in the MINOR range, the digits 7 and 8 are the parser version in the MAJOR range.