Earlier I was storing only string in my file which can be store in SD card now I would to store byte[] also in same files. So do I just need to store normal to the file like this:
for string:- bufferWritter.write(data);
for bytes:- FileUtils.writeByteArrayToFile(new File("pathname"), myByteArray)
or fos.write(myByteArray);
So if I do like that then how can I differ message whether it is string or byte[].
Even I would like to know that is this is a good way to do?
You would need to write some sort of header to your file which should state what it does represent.
If you have multiple items in one file, also specify the length of the data parts.
[byte] sort of data (0=String, 1=Image)
And then the actual data.
But I would recommend you use a different format like json or make a serializable object.
I would give a try to some JSON implementation (maybe GSON? or some alternative) so you can have stored mixed data types in one file or write your own de/serialization routine so you can store whole objects.
Note: if you implement Serializable interface by a class that represent object to be stored, don't forget to re-generate UUID each time you change contents of that class, it will save you some time figuring out what went wrong
Related
I need to parse untrusted Java serialized objects. The data is given to me as a byte array (written at some point by ObjectOutputStream).
I do not want to simply call ObjectInputStream.readObject() and/or load the actual object. I am looking for a way to safely parse the bytes and grab field names & values.
--
Here's a little summary of my attempt so far, after taking a look at the ObjectInputStream procedure for deserializing objects.
I have tried to extract field types/names (as unicode strings) recursively based on expected stream constants. I end up with a list of field names whose values should appear in the byte array in order. I am uneasy about this approach because it is probably buggy. Especially accommodating for what seems to be individual serialization protocols followed by HashMap, ArrayList, etc. But it might work, if I can figure out a way to read the bytes that represent field values:
I can try to read and store primitives based on size/offset, but when I encounter my first object, it gets a bit more complicated -- there is no clear way to distinguish between which bytes are associated with which values anymore (without actually loading the object in the way that ObjectInputStream probably does?).
--
Can anyone suggest either a potential solution that I'm obviously looking past, or a trusted library that can help parse the serialized data without loading objects?
Thank you for reading, and for all comments/suggestions!!! I apologize if something is unclear and I would be happy to clarify if you bear with me.
You can't do this in principle. Any Java class can take over its own Serialization and write arbitrary data to the stream that only it knows how to parse and reconstruct, via code that is only invoked during deserialization.
How would one go about making a byte[] that is a packet that needs to be run through an RC4 encryption class and then sent to a server?
So let's say I need the packet to stsrt with a string, followed with an int, byte, int, string. How would I create that as a byte array? (Byte[])
Thanks!
OK, so you have a data structure containing strings, integers and bytes, that you want to serialize to a byte array. There are several options:
create a Serializable class containing all this information as fields, and use an ObjectOutputStream to write it. Beware: the result will only be easily readable by a Java program using the exact same class.
create a class containing all this information as fields, and use a JSON object mapper (like Jackson) to write it.
create a class containing all this information as fields, and use an XML object mapper (like JAXB) to write it.
design a binary representation of this structure, that can be transformed back into the individual parts, and use a DataOutputStream to write it.
Use protocol buffers
...
This is my first question to StackOverflow. Please let me know if the question is not clear and need any more details.
I have a class which has three attributes like this:
class SampleClass {
long [] field1;
float[] field2;
float[] field3;
}
A huge SampleClass object is built(with about a billion entries for each array). This object is serialized in one host and the serialized file is uploaded to another machine. Now I want to deserialize only a portion of the file so that I can get a smaller SampleClass object with about 10 indices filled for each field and not the complete object. Because this machine does not have enough capacity to load such a huge object in memory. Is this possible?
The object is serialized using JAVA's writeObject method and it is done by a different utility and so I have no control over it. Thanks in advance.
Forget using the Java serialization API - it's only designed to deserialize everything. If you have no control over how the serialized file is generated, then you should consider parsing the serialized file yourself and extracting the necessary parts - it's not really that hard.
The Java serialization format is well-documented (see e.g. official docs, informative article), and tools exist to parse the format (e.g. Serialysis, jdeserialize) though it isn't particularly hard to write your own tool based on the format spec.
Once you can parse the serialized data, you can simply extract what you need and skip over what you don't need.
Your best bet is to actually serialize only the portion you need, given that you cannot control/override serialization itself. On the machine which serialized entire file and is able to deserialize it:
1) load entire file into object
2) create new object of SampleClass
3) copy elements from required region in each array to blank SampleClass object
4) serialize this smaller version
If it helps any, fields can be made transient so they will not be serialized.
Still, it looks to me that this object should be in database:
It does not fit virtual memory
only portion of it is required at given time.
So you could use hard disk to store it and queries to get required portions.
I have an Array of Objects called "person" and i need to save that data, Is there a way to output an array and then input it back into the program. I have tried simply outputting the raw String and int data that makes up each "person" and the program never writes that data to the specified txt file. Is there a method or function that can write raw object data and then retrieve it?
You should have a look to ObjectOutputStream and ObjectOutputStream and the Serializable interface. What you are trying to do is to serialize your data to a file and load (deserialize) it back again.
You can use standard Java serialisation. Another trivial solution is to use XStream, which will serialise your objects into/from XML. You don't need to implement specific interfaces or annotate your objects (by default) and you'll get a readable (in XML terms) serialisation, which can be useful.
One approach would be to use Serialization provided by Java. You need to implement the java.io.Serializable interface and write and read to and from the ObjectOutputStream and ObjectInputStream classes to store and retrieve data respectively.
You need serialization. Read this.
What is the best way to convert a byte[] to Object java.io.File? i dont want write this in the disk just get a object File.
The File object is just a wrapper around the name for a real file on the disk. It does not contain any data. You will have to write your byte array into a file first. After the API you then call is done, you can maybe delete that file again. Search for how to manage temporary files in Java.
java has serilazebal interface to persistent your object;
i guess u want custom serialize method, like c strct;
refences :
https://github.com/MisterChangRay/magic-byte
http://code.google.com/p/javastruct/wiki/HowToUseJavaStruct