A data-serialization system initially uses a recursive serialization algorithm to serialize a hierarchy of nested data objects by translating those objects into a serial stream of data. The system determines that a stack-overflow error is likely to occur whenever the number of objects serialized by the system exceeds a threshold value, or whenever the stack has reached an unacceptable level of utilization. When the system determines that a stack-overflow error is likely or if the system detects that a stack-overflow error will definitely occur if another object is serialized, the system either transfers control to a nonrecursive algorithm that does not require a stack data structure or reduces stack utilization by transferring contents of the stack to a variable-size queue-like data structure.

Techniques for performing constructor accessibility checks during deserialization are disclosed. A system receives a command that requires deserializing a serialized object of a target type. The system determines an ancestor type of the target type. Without calling any constructors and regardless of whether the ancestor type is serializable, the system determines whether a constructor of the ancestor type is accessible to the target type. The system deserializes the serialized object only after determining that the constructor of the ancestor type is accessible to the target type.

Methods for identifying potentially sensitive information and protecting such potentially sensitive information include scanning systems that collect and/or disseminate such information. Without limitation, systems collect and/or disseminate personal identification numbers (e.g., personal identification numbers, tax identification numbers, etc.), such as merchant systems, bank systems, healthcare systems, and the like, that collect, use, or disseminate sensitive information may be scanned to identify sequences of data that are likely to be sensitive, and may take actions to protect such sequences of data. Scanning and protection systems are also disclosed.

A data-serialization system initially uses a recursive serialization algorithm to serialize a hierarchy of nested data objects by translating those objects into a serial stream of data. The system determines that a stack-overflow error is likely to occur whenever the number of objects serialized by the system exceeds a threshold value, or whenever the stack has reached an unacceptable level of utilization. When the system determines that a stack-overflow error is likely or if the system detects that a stack-overflow error will definitely occur if another object is serialized, the system either transfers control to a nonrecursive algorithm that does not require a stack data structure or reduces stack utilization by transferring contents of the stack to a variable-size queue-like data structure.

Multi-inheritance within a single-inheritance, container-based data processing environment is provided for facilitating developing, storing, shipping and/or running software applications. More particularly, a facility is provided which includes generating, based on a configuration file with a multi-inheritance instruction, a composited image for a new container from multiple exiting images of the single-inheritance container-based environment. The multiple existing images are identified in the multi-inheritance instruction, and the generating includes creating a composited directory file which, in part, references layers of the multiple existing images and associating a command instruction of the configuration file with the composited file. The composited image is then built in associated with starting the new container based on the composited directory file and the associated command.

Multi-inheritance within a single-inheritance, container-based data processing environment is provided for facilitating developing, storing, shipping and/or running software applications. More particularly, a facility is provided which includes generating, based on a configuration file with a multi-inheritance instruction, a composited image for a new container from multiple exiting images of the single-inheritance container-based environment. The multiple existing images are identified in the multi-inheritance instruction, and the generating includes creating a composited directory file which, in part, references layers of the multiple existing images and associating a command instruction of the configuration file with the composited file. The composited image is then built in associated with starting the new container based on the composited directory file and the associated command.

Methods for identifying potentially sensitive information and protecting such potentially sensitive information include scanning systems that collect and/or disseminate such information. Without limitation, systems collect and/or disseminate personal identification numbers (e.g., personal identification numbers, tax identification numbers, etc.), such as merchant systems, bank systems, healthcare systems, and the like, that collect, use, or disseminate sensitive information may be scanned to identify sequences of data that are likely to be sensitive, and may take actions to protect such sequences of data. Scanning and protection systems are also disclosed.

An information processing apparatus according to an embodiment includes: a creation processing unit which creates information indicating a message structure based on which a length of a memory area to be secured in a stack area of a virtual address space assigned for a serialization process is determined during compilation; a serialization processing unit which performs a serialization process to serialize data from a device and write the serialized data into a data storage device using the information created by the creation processing unit; and a deserialization processing unit which reads the serialized data written into the data storage device and deserializes the read data using the information created by the creation processing unit.

Systems, devices, computer-implemented methods, and tangible non-transitory computer readable media for performing multilayered generation and processing of computer instructions are provided. For example, a computing device may receive a request with instructions in a first computer language, parse the instructions in the first computer language, analyze the instructions in the first computer language in view of information describing structure of a first application, generate instructions in a second computer language different from the first computer language where the instructions in the second computer language are generated based on the instructions in the first computer language and the information describing structure of the first application, obtain a result from a second application where the result comprises information based on the instructions in the second computing language, and provide the result in response to the request comprising the instructions in the first computer language.

A dynamic object model system identifies, from a first object data definition file, a first object definition of a first object of a first entity type; and identifies, from a second object data definition file, a second object definition of a second object of a second entity type. The first object definition defines an entity identifier for the first object, and the second object definition includes the entity identifier of the first object. The dynamic object model system determines, based on an object model definition, that objects of the second entity type refer to objects of the first entity type by entity identifier. Based on the object model definition, and based on the second object definition including the entity identifier of the first object, the dynamic object model system establishes a reference relationship between the first object and the second object within an object database.