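The InvokerTransformer class

This class is especially important in deserialization; I'm working through it step by step...

The main purpose of the InvokerTransformer class is to use the Java reflection mechanism to create class instances!

Class declaration: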

public class InvokerTransformer implements Transformer, Serializable

The class's constructors are as follows:

private InvokerTransformer(String methodName) {
    this.iMethodName = methodName;
    this.iParamTypes = null;
    this.iArgs = null;
}


public InvokerTransformer(String methodName, Class[] paramTypes, Object[] args) {
    this.iMethodName = methodName;
    this.iParamTypes = paramTypes;
    this.iArgs = args;
}

The class's member method:

public Object transform(Object input) {
    if (input == null) {
        return null;
    } else {
        try {
            Class cls = input.getClass();
            Method method = cls.getMethod(this.iMethodName, this.iParamTypes);
            return method.invoke(input, this.iArgs);
        } catch (NoSuchMethodException var5) {
            throw new FunctorException("InvokerTransformer: The method '" + this.iMethodName + "' on '" + input.getClass() + "' does not exist");
        } catch (IllegalAccessException var6) {
            throw new FunctorException("InvokerTransformer: The method '" + this.iMethodName + "' on '" + input.getClass() + "' cannot be accessed");
        } catch (InvocationTargetException var7) {
            throw new FunctorException("InvokerTransformer: The method '" + this.iMethodName + "' on '" + input.getClass() + "' threw an exception", var7);
        }
    }
}

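The most powerful parts of this class are its constructor and its member method. Why?

Look closely, starting with the transform method: it takes the passed-in argument input and uses reflection to call a method on input's class.

And it can be any method, because iMethodName and iParamTypes (the two arguments to getMethod) and iArgs are all fully controllable through the constructor, which is what makes this class so powerful!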

public InvokerTransformer(String methodName, Class[] paramTypes, Object[] args) {
    this.iMethodName = methodName;
    this.iParamTypes = paramTypes;
    this.iArgs = args;
}

public Object transform(Object input) {
    if (input == null) {
        return null;
    } else {
        try {
            Class cls = input.getClass();
            Method method = cls.getMethod(this.iMethodName, this.iParamTypes);
            return method.invoke(input, this.iArgs);
        } catch (NoSuchMethodException var5) {
            throw new FunctorException("InvokerTransformer: The method '" + this.iMethodName + "' on '" + input.getClass() + "' does not exist");
        } catch (IllegalAccessException var6) {
            throw new FunctorException("InvokerTransformer: The method '" + this.iMethodName + "' on '" + input.getClass() + "' cannot be accessed");
        } catch (InvocationTargetException var7) {
            throw new FunctorException("InvokerTransformer: The method '" + this.iMethodName + "' on '" + input.getClass() + "' threw an exception", var7);
        }
    }
}

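So how is this class actually used? For example, simply executing a command, as shown below:

import java.io.IOException;
// Assumes Commons Collections 3.x on the classpath
import org.apache.commons.collections.functors.InvokerTransformer;

public class Test {
    public static void main(String[] args) throws IOException {
        // Method name, parameter types and arguments are all supplied by the caller
        InvokerTransformer invokerTransformer = new InvokerTransformer("exec", new Class[]{String.class}, new String[]{"calc"});
        // Reflectively calls Runtime.exec("calc") on the Runtime instance passed in
        invokerTransformer.transform(Runtime.getRuntime());
    }
}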
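
Because InvokerTransformer is Serializable, its method name and arguments can arrive inside a serialized stream, which is why the class matters in deserialization. The following is an added example, not code from the original post or from Commons Collections: an allow-list ObjectInputFilter (Java 9+) that rejects any class the application does not expect. Order and UnexpectedGadget are constructed stand-ins so the example runs without the library.

```java
import java.io.*;

public class FilteredDeserialization {
    // Constructed sample types: Order is what the application expects to receive;
    // UnexpectedGadget stands in for a class such as InvokerTransformer arriving
    // in the stream (Commons Collections is not required to run this).
    static class Order implements Serializable {
        private static final long serialVersionUID = 1L;
        String item = "book";
    }
    static class UnexpectedGadget implements Serializable {
        private static final long serialVersionUID = 1L;
        String iMethodName = "exec";
    }

    // Allow-list: the expected class by binary name, then "!*" rejects the rest.
    static final ObjectInputFilter FILTER =
            ObjectInputFilter.Config.createFilter(Order.class.getName() + ";!*");

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    // The filter is consulted for each class descriptor before any object of
    // that class is created, so a rejected class is never instantiated.
    static Object safeRead(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(FILTER);
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("accepted: " + safeRead(serialize(new Order())).getClass().getName());
        try {
            safeRead(serialize(new UnexpectedGadget()));
            System.out.println("unexpected: gadget was deserialized");
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

An allow-list is preferable to blocking InvokerTransformer by name, since a deny-list has to be extended for every other class that can be abused the same way.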

posted @ 2021-05-02 21:38  zpchcbd