From faf7b25126bdc6580a076eb6e1d73faa41ea349e Mon Sep 17 00:00:00 2001 From: Jeremy Landis Date: Mon, 21 Aug 2017 16:24:53 -0400 Subject: [PATCH 1/2] [bugfix] Remove invalid marked transient on cacheKey as reported by sonarlint Test cases written around this to avoid this serious flaw in the future, configured origin of scanning asking for transient to be added, added comment about when this would actually fail serialization, and wrote test for that as well. --- .../org/apache/ibatis/cache/CacheKey.java | 3 +- .../org/apache/ibatis/cache/CacheKeyTest.java | 35 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/apache/ibatis/cache/CacheKey.java b/src/main/java/org/apache/ibatis/cache/CacheKey.java index 81184a793b5..5fb66fee87f 100644 --- a/src/main/java/org/apache/ibatis/cache/CacheKey.java +++ b/src/main/java/org/apache/ibatis/cache/CacheKey.java @@ -37,7 +37,8 @@ public class CacheKey implements Cloneable, Serializable { private int hashcode; private long checksum; private int count; - private transient List updateList; + // 8/21/2017 - Sonarlint flags this as needing to be marked transient. While true if content is not serializable, this is not always true and thus should not be marked transient. + private List updateList; public CacheKey() { this.hashcode = DEFAULT_HASHCODE; diff --git a/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java b/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java index 0f2071d6255..289eae2dae3 100644 --- a/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java +++ b/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java @@ -16,8 +16,16 @@ package org.apache.ibatis.cache; import static org.junit.Assert.*; + +import org.junit.Assert; import org.junit.Test; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.NotSerializableException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; import java.util.Date; public class CacheKeyTest { @@ -80,4 +88,31 @@ public void shouldTestCacheKeysWithBinaryArrays() throws Exception { assertTrue(key1.equals(key2)); } + @Test (expected = NotSerializableException.class) + public void serializationExceptionTest() throws ClassNotFoundException, IOException { + CacheKey cacheKey = new CacheKey(); + cacheKey.update(new Object()); + canSerialize(cacheKey); + } + + @Test + public void serializationTest() throws ClassNotFoundException, IOException { + CacheKey cacheKey = new CacheKey(); + cacheKey.update("serializable"); + canSerialize(cacheKey); + } + + private void canSerialize(final CacheKey object) throws ClassNotFoundException, IOException { + FileOutputStream fout = new FileOutputStream("target/address.ser"); + ObjectOutputStream output = new ObjectOutputStream(fout); + output.writeObject(object); + output.close(); + + FileInputStream fin = new FileInputStream("target/address.ser"); + ObjectInputStream input = new ObjectInputStream(fin); + CacheKey cacheKey = (CacheKey) input.readObject(); + input.close(); + + Assert.assertEquals(1, cacheKey.getUpdateCount()); + } } From 4e8be85f0a7f3dc09f3cb6e55000dcd0dbff0b54 Mon Sep 17 00:00:00 2001 From: Jeremy Landis Date: Mon, 21 Aug 2017 16:58:34 -0400 Subject: [PATCH 2/2] [ci] Update Copyright date --- src/test/java/org/apache/ibatis/cache/CacheKeyTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java b/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java index 289eae2dae3..b02f6f97dd4 100644 --- a/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java +++ b/src/test/java/org/apache/ibatis/cache/CacheKeyTest.java @@ -1,5 +1,5 @@ /** - * Copyright 2009-2015 the original author or authors. + * Copyright 2009-2017 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.