[fix](security): non-static inner class should not implement serialized interface, or when it is serialized it will contain outer class info, which is not safe #24454

fix: non-static inner class should not implement serialized interface, or when it is serialized it will contain outer class info, which is not safe

And in this scenario, the class does not use info of outer class, which should use static class instead
This commit is contained in:
xu tao
2023-09-18 15:55:43 +08:00
committed by GitHub
parent b9f1ac153a
commit ef4ab106d8
2 changed files with 3 additions and 3 deletions

View File

@ -552,7 +552,7 @@ public class DppScheduler {
return String.format(ETL_OUTPUT_PATH, fsDefaultName, outputPath, dbId, loadLabel, etlOutputDir);
}
private class InputSizeInvalidException extends LoadException {
private static class InputSizeInvalidException extends LoadException {
public InputSizeInvalidException(String msg) {
super(msg);
}

View File

@ -2476,12 +2476,12 @@ public class Coordinator implements CoordInterface {
// map from a BE host address to the per-node assigned scan ranges;
// records scan range assignment for a single fragment
class FragmentScanRangeAssignment
static class FragmentScanRangeAssignment
extends HashMap<TNetworkAddress, Map<Integer, List<TScanRangeParams>>> {
}
// Bucket sequence -> (scan node id -> list of TScanRangeParams)
class BucketSeqToScanRange extends HashMap<Integer, Map<Integer, List<TScanRangeParams>>> {
static class BucketSeqToScanRange extends HashMap<Integer, Map<Integer, List<TScanRangeParams>>> {
}