Finding serialVersionUID of serialized object

2019-02-03 07:20发布

站内问答 / Java
570 9 4

Is there a way to determine the generated serialVersionUID of a serialized Java object?

The problem is that I serialized an object without explicitely specifying the serialVersionUID. Now the deserialization process complains about class incompatibilities. However I didn't change the class in a way which would make it incompatible. So I assume that it is enough to specify the serialVersionUID in the class as it is stored in the object data. In order to do this I need to read the serialVersionUID from the serialized data.

9条回答
在下西门庆
2楼-- · 2019-02-03 07:41

There is metadata associated with the serialized bits (a header if you like). You can read the value from the metadata if you know at which position it is (the SerialVersionUID is written there along with other info such as the class name).

I think this article might help you: The Java serialization algorithm revealed.

Note that the bits are written "in clear" (unless you encrypted the stream explicitly) so a HEX editor might be all you need to see what is the SerialVersionUID.

查看更多
0人赞 添加讨论(0) 举报
Animai°情兽
3楼-- · 2019-02-03 07:42

This works for me:

long serialVersionUID = ObjectStreamClass.lookup(YourObject.getClass()).getSerialVersionUID();

Hope it helps you too.

查看更多
0人赞 添加讨论(0) 举报
Viruses.
4楼-- · 2019-02-03 07:44

There's an easy way to find out serialversionUID of a class-

Suppose you have class in which you have forgotten to mention serialversionUID-

import java.io.Serializable;

public class TestSerializable implements Serializable {

}

Just do this-

serialver -classpath . TestSerializable

This prints- 

static final long serialVersionUID = 5832063776451490808L;

serialver is a utility that comes along with JDK

查看更多
0人赞 添加讨论(0) 举报
闹够了就滚
5楼-- · 2019-02-03 07:44

enter image description here for Android developers,

you can also enable serialization inspection from Settings -> Editor -> Inspections -> enable "Serializable class without 'serialVersionUID' check" first, then ALT+ ENTER, the studio will create serialVersionUID for you.

查看更多
0人赞 添加讨论(0) 举报
Deceive 欺骗
6楼-- · 2019-02-03 07:47

You can do this by extending ObjectInputStream:

public class PrintUIDs extends ObjectInputStream {

  public PrintUIDs(InputStream in) throws IOException {
    super(in);
  }

  @Override
  protected ObjectStreamClass readClassDescriptor() throws IOException,
      ClassNotFoundException {
    ObjectStreamClass descriptor = super.readClassDescriptor();
    System.out.println("name=" + descriptor.getName());
    System.out.println("serialVersionUID=" + descriptor.getSerialVersionUID());
    return descriptor;
  }

  public static void main(String[] args) throws IOException,
      ClassNotFoundException {
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream oos = new ObjectOutputStream(baos);
    List<Object> list = Arrays.asList((Object) new Date(), UUID.randomUUID());
    oos.writeObject(list);
    oos.close();
    InputStream in = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream ois = new PrintUIDs(in);
    ois.readObject();
  }

}

I believe it would be possible to read all the serialized data by replacing the descriptor returned by the method, but I haven't tried it.

查看更多
0人赞 添加讨论(0) 举报
可以哭但决不认输i
7楼-- · 2019-02-03 07:57

there is much simpler way to get the serialVersionUID of serialized object - just deserialize it with apache commons serialization utils to same class with different serial version uid and read the exception message which will be more or less:

org.apache.commons.lang.SerializationException: java.io.InvalidClassException: my.example.SerializableClass; local class incompatible: stream classdesc serialVersionUID = -1, local class serialVersionUID = -2

查看更多
0人赞 添加讨论(0) 举报
1 2 下一页
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)