authorJim Hahn <jrh3@att.com>2020-06-18 10:42:08 -0400
committerJim Hahn <jrh3@att.com>2020-06-18 13:34:03 -0400
commit6c750f414961b3956919ef457d1bf1eb82064d15 (patch)
tree5d9df6c0f59ba72d584dcd99fb3d9575fc76f5f0 /utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java
parent611f63a4bb71d677cf2665b1794e91148ba42a51 (diff)
More sonar issues in policy-common
Addressed the following sonar issues: - add parameters to types - ObjectInputStream.readObject() is unsafe Issue-ID: POLICY-2650 Change-Id: I41e1bd08643b04f409ce87c884cb0c28995e431b Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java')
-rw-r--r--utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java10
1 files changed, 7 insertions, 3 deletions
diff --git a/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java b/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java
index 9ab26d32..7e09cd96 100644
--- a/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java
+++ b/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java
@@ -2,7 +2,7 @@
* ============LICENSE_START=======================================================
* ONAP Policy Engine - Common Modules
* ================================================================================
- * Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -73,7 +73,7 @@ public class Serializer {
* @return the object that was de-serialized from the byte array
* @throws IOException if an error occurs
*/
- public static <T> T deserialize(Class<T> clazz, byte[] data) throws IOException {
+ private static <T> T deserialize(Class<T> clazz, byte[] data) throws IOException {
try (ByteArrayInputStream in = factory.makeByteArrayInputStream(data);
ObjectInputStream ois = factory.makeObjectInputStream(in)) {
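Review bot: Narrowing `deserialize` to `private` limits who can call it, but not which classes the byte array can instantiate; the `clazz` argument in the signature is not applied to `ois` anywhere in this hunk. Because the file sits under `src/main/java`, the class is still packaged as a regular artifact that other modules can depend on, so "test only" is a convention rather than something the build enforces. Consider installing an `ObjectInputFilter` on the stream that admits only the expected types before reading, or at least add to the Javadoc `@param data bytes produced by serialize(); never pass data from an untrusted source`. The method body continues past the end of the hunk, so a cast to `clazz` may exist further down, but a cast runs only after the whole object graph has been built.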
@@ -133,7 +133,11 @@ public class Serializer {
*/
public Object readObject(ObjectInputStream ois) throws IOException {
try {
- return ois.readObject();
+ /*
+ * This class is only used by junit tests. In addition, it is only used by
+ * deserialize(), which has been made "private", thus disabling sonar.
+ */
+ return ois.readObject(); // NOSONAR
} catch (ClassNotFoundException e) {
throw new IOException(e);
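Review bot: The suppression comment justifies `// NOSONAR` by saying this method is reached only through the now-private `deserialize()`, yet `readObject` itself is still declared `public` two lines above the changed line, so any code holding this object can hand it an arbitrary `ObjectInputStream`. Either reduce the method's visibility as far as the tests that override it allow, or reword the comment so that it records the real precondition, for example `// NOSONAR - stream content is always produced by serialize() within the same test`. That precondition is inferred from the commit message and should be confirmed against the callers, which are outside this hunk. The enclosing class declaration and the end of the `try` statement are also not visible here.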