tags:

views:

1797

answers:

4
+1  Q: 

Java - Modifying serialVersionUID of binary serialized object

A few months back I serialized a java.io.Serializable object into a file. Now I need to read the contents, but since then the serialVersionUID has changed, and now I'm getting a "class incompatible" error. I know for a fact that none of the data members have changed, so the only barrier is the serialVersionUID check.

Is there a way to either disable the check or to modify the serialVersionUID in the binary file?

CLARIFICATION

This question is assuming that I can't edit the source. Is there a way I can hack the .class file or perhaps hack the serialized object file (use a hex editor and change a value at some certain offset)?

A: 

It is documented that Serialization is not intended to be used for persisting data. In order to get that data back, you will need to downgrade your version of the JVM to the version that was used to output that data.

For future reference, don't use serialization to persist data between sessions of the JVM.

Matthew Brubaker  2009-01-14 22:16:59
You *can* use serialization in this manner as long as you set the serialVersionUID. From the Serializable doc - "Therefore, to guarantee a consistent serialVersionUID value across different java compiler implementations, a serializable class must declare an explicit serialVersionUID value."
CurtainDog  2009-04-16 13:19:04
+2  A: 

Why not modify the serialVersionUID in your current version instead as described in the Serialization documentation?

Jon Skeet  2009-01-14 22:20:35
The way his question was written indicates that the object is not under his control to be able to make that change.
Matthew Brubaker  2009-01-14 22:21:50
But if that is the case, then yes. Changing the serialVersionUID back to what it was when he wrote the data out would allow him to read it back in.
Matthew Brubaker  2009-01-14 22:22:40
It doesn't matter if the class isn't under his control. He can just write a new one with the same name, members, and serialVersionUID
Adrian Pronk  2009-01-14 22:30:34
This will work only if the class has no elements that will break on deserialization from the old vers. If you remove a member variable and try to fool it with serialVersionUID it will throw an Exception deserializing from the old files.
Steve B.  2009-01-18 02:23:25
@SteveB: Read the question: " I know for a fact that none of the data members have changed, so the only barrier is the serialVersionUID check."
Jon Skeet  2009-01-18 07:38:11
+1  A: 

As a hack, you can generate the serialVer your jvm is probably using using the serialver tool:

serialver -classpath whatever com.foo.bar.MyClass

If you then manually set the serialVerUID in your class it ought to match and you ought to be able to load, assuming you haven't changed the class in such a way as to invalidate.

Steve B.  2009-01-14 22:24:35
For this to work, you need access to the class file as it was when the object it was serialized. Hopefully it's in the Version Control archive?
Adrian Pronk  2009-01-14 22:28:11
You could also write your own readObject, I think that you'd probably be able to read the fields in declared order.
Steve B.  2009-01-14 22:31:40
A: 

I recently found myself in a similar situation--I had some serialized objects that I had to read, the serialVersionUID of those objects was different than the newest version and, in my case, there were a couple of different serialVersionUIDs stored in the file for the same class (stored at different times, obviously). So I didn't have the luxury of modifying the class and setting its serialVersionUID; I actually had to go in and modify the stored data.

What I figured out (by reading the java.io source code) is that an object gets serialized by first storing the class name (using writeUTF()) and then immediately after using writeLong() to save the serialVersionUID.

My solution was to catch the exception then go back, look for the class name, and immediately after the class name replace the old serialVersionUID with the new.

 2009-04-16 13:04:43

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java