org.sonar.l10n.java.rules.java.S2066.html Maven / Gradle / Ivy
Why is this an issue?
Non-static inner classes contain a reference to an instance of the outer class. Hence, serializing a non-static inner class will result in an
attempt at serializing the outer class as well. If the outer class is not serializable, serialization will fail, resulting in a runtime error.
Making the inner class static (i.e., "nested") avoids this problem, as no reference to an instance of the outer class is required.
Serializing the inner class can be done independently of the outer class. Hence, inner classes implementing Serializable should be
static if the outer class does not implement Serializable.
Be aware of the semantic differences between an inner class and a nested one:
- an inner class can only be instantiated within the context of an instance of the outer class.
- a nested (
static) class can be instantiated independently of the outer class.
How to fix it
Make the inner class static or make the outer class Serializable.
Code examples
Noncompliant code example
public class Pomegranate {
// ...
public class Seed implements Serializable { // Noncompliant, serialization will fail due to the outer class not being serializable
// ...
}
}
Compliant solution
public class Pomegranate {
// ...
public static class Seed implements Serializable { // Compliant, the outer class will not be serialized and hence cannot be the cause for a failure at runtime
// ...
}
}
Resources
- CERT SER05-J. - Do not serialize instances of inner classes
© 2015 - 2024 Weber Informatics LLC | Privacy Policy