Serializing and deserializing data is not a problem by itself, or when the source of the data is known to be safe. These operations become dangerous when an app works with user-supplied data. For the ...