Hi,
I have a file that contains serialized Java classes. I would like to parse this file in order to get a list of the classes in the file and the serialVersionUID of each class.
Is there a tool anyone can recommend to do this, or perhaps someone could offer some pointers on where I should start to accomplish this myself?
Cheers
Rich
I don't know if there's already such a tool (if you have access to the classes themselves, the serialver tool can tell you the ID), but if you need to roll your own, Sun's serialzation spec should contain all the information you need - specifically, the grammar of the stream format.
Unfortunately not all classes (even in the JDK) obey the serialisation spec. In particular readObject does not always call defaultReadObject or readFields, with the equivalent mistake in writeObject.
You can detect which classes are being used whilst deserialising. ObjectInputStream uses resolveClass and resolveProxyClass to map class descriptors to actual Classes (some subclasses you different rules for class loader lookup).