java/ql/src/Likely Bugs/Serialization
1 file changed +7 -4 lines changed
@@ -15,15 +15,18 @@ import java
1515
1616from Method m , TypeSerializable serializable , string reason
1717where
18+ m .fromSource ( ) and
1819 m .getDeclaringType ( ) .hasSupertype + ( serializable ) and
1920 (
2021 m .hasStringSignature ( "readObject(ObjectInputStream)" ) or
2122 m .hasStringSignature ( "readObjectNoData()" ) or
22- m .hasName ( "writeObject(ObjectOutputStream)" )
23+ m .hasStringSignature ( "writeObject(ObjectOutputStream)" )
2324 ) and
2425 (
2526 not m .isPrivate ( ) and reason = "Method must be private"
26- or m .isStatic ( ) and reason = "Method must not be static"
27- or not m .getReturnType ( ) instanceof VoidType and reason = "Return type must be void"
27+ or
28+ m .isStatic ( ) and reason = "Method must not be static"
29+ or
30+ not m .getReturnType ( ) instanceof VoidType and reason = "Return type must be void"
2831 )
29- select m , reason
32+ select m , "Not recognized by Java serialization framework: " + reason
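Review bot: The new alert text on the `select` line says the method is "Not recognized by Java serialization framework" but not what follows from that. Such a method is silently skipped and default (de)serialization is used instead, so any invariant or input validation written in a mis-declared `readObject` never runs on deserialized data. I would state that in the message or in a comment above the `where` clause, e.g. `// A hook with the wrong modifiers or return type is silently ignored, so validation inside it never executes.` Separately, `hasStringSignature` compares simple parameter type names, so a method taking an unrelated class that happens to be named `ObjectInputStream` would presumably also match; comparing `m.getSignature()` against the fully qualified form would be stricter. The query metadata above line 15 is outside the hunk, so it may already describe the impact.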