From ef4ab106d8dc20b5cad2a70951bc27771b5286e0 Mon Sep 17 00:00:00 2001
From: xu tao <xutao_ustc@163.com>
Date: Mon, 18 Sep 2023 15:55:43 +0800
Subject: [PATCH] [fix](security): non-static inner class should not implement
 serialized interface, or when it is serialized it will contain outer class
 info, which is not safe #24454

fix: non-static inner class should not implement serialized interface, or when it is serialized it will contain outer class info, which is not safe

And in this scenario, the class does not use info of outer class, which should use static class instead
---
 .../src/main/java/org/apache/doris/load/DppScheduler.java     | 2 +-
 fe/fe-core/src/main/java/org/apache/doris/qe/Coordinator.java | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/fe/fe-core/src/main/java/org/apache/doris/load/DppScheduler.java b/fe/fe-core/src/main/java/org/apache/doris/load/DppScheduler.java
index c037f25b60..f777cdfa74 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/load/DppScheduler.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/load/DppScheduler.java
@@ -552,7 +552,7 @@ public class DppScheduler {
         return String.format(ETL_OUTPUT_PATH, fsDefaultName, outputPath, dbId, loadLabel, etlOutputDir);
     }
 
-    private class InputSizeInvalidException extends LoadException {
+    private static class InputSizeInvalidException extends LoadException {
         public InputSizeInvalidException(String msg) {
             super(msg);
         }
diff --git a/fe/fe-core/src/main/java/org/apache/doris/qe/Coordinator.java b/fe/fe-core/src/main/java/org/apache/doris/qe/Coordinator.java
index f601faba68..48f7191531 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/qe/Coordinator.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/qe/Coordinator.java
@@ -2476,12 +2476,12 @@ public class Coordinator implements CoordInterface {
 
     // map from a BE host address to the per-node assigned scan ranges;
     // records scan range assignment for a single fragment
-    class FragmentScanRangeAssignment
+    static class FragmentScanRangeAssignment
             extends HashMap<TNetworkAddress, Map<Integer, List<TScanRangeParams>>> {
     }
 
     // Bucket sequence -> (scan node id -> list of TScanRangeParams)
-    class BucketSeqToScanRange extends HashMap<Integer, Map<Integer, List<TScanRangeParams>>> {
+    static class BucketSeqToScanRange extends HashMap<Integer, Map<Integer, List<TScanRangeParams>>> {
 
     }