Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG]fastjson2 2.0.28一直到最新版本特定情况下反序列化字段读取值错误 #3146

Open
zhuquanzhen opened this issue Nov 1, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@zhuquanzhen
Copy link

zhuquanzhen commented Nov 1, 2024

问题描述

fastjson2 2.0.28一直到最新版本,在对json字符串反序列化的时候,如果有字段为字符串"1",并且在反序列化之前对相应字符串做过以下操作时,
image
然后再序列化时读取不到值

环境信息

  • OS信息: [e.g.:CentOS 7、win10等系统]
  • JDK信息: [e.g.:Openjdk 1.8.0_312]
  • 版本信息:[e.g.:Fastjson2 2..0.28]

重现步骤

  1. 使用 下面代码测试,目前测试只有字符串"1"会出现问题,2.0.27和之前的版本解析没问题,错误如图:
    image
    读取不到所有值为“1”的字段了
    【测试代码】
public class TestFastJson {
    public static void main(String[] args) {
        User user = new User();
        user.setId("test1");
        user.setName("1");
        user.setPassword("1");
        String str1 = JSONObject.toJSONString(user);
        JSONObject jsonObject = JSONObject.parseObject(str1);
        // 模拟清理内存中的密码
        clearPassword(jsonObject.getString("password"));
        JSONObject jsonObject2 = JSONObject.parseObject(str1);
    }

    private static void clearPassword(String pw) {
        try {
            Field field = String.class.getDeclaredField("value");
            field.setAccessible(true);
            char[] value = (char[]) field.get(pw);
            Arrays.fill(value,'\u0000');
        } catch (NoSuchFieldException e) {
            e.printStackTrace();
        } catch (IllegalAccessException e) {
            e.printStackTrace();
        }
    }
}

期待的正确结果

希望能够正常反序列化,业务代码经常会有清除内存敏感数据的场景,不确定是否还有别的问题,希望能够解答问题的具体原因,十分感谢

@zhuquanzhen zhuquanzhen added the bug Something isn't working label Nov 1, 2024
@zhuquanzhen zhuquanzhen changed the title [BUG]fastjson2 2.0.28一直到最新版本反序列化字段值错误 [BUG]fastjson2 2.0.28一直到最新版本特定情况下反序列化字段值读取值错误 Nov 1, 2024
@zhuquanzhen zhuquanzhen changed the title [BUG]fastjson2 2.0.28一直到最新版本特定情况下反序列化字段值读取值错误 [BUG]fastjson2 2.0.28一直到最新版本特定情况下反序列化字段读取值错误 Nov 1, 2024
@wenshao
Copy link
Member

wenshao commented Nov 2, 2024

这种引发的bug太奇怪了,目前没有计划去排查和修复,既然做了这样魔改,问题你要自己去诊断

@cn19
Copy link

cn19 commented Nov 6, 2024

这不是破坏java string的不可变性了么,这个也算第三方库的bug么

@accestfromim
Copy link

我试了一下,貌似长度<=2的字符串才会有这个bug,而且这个操作之后似乎很难说是fastjson的bug

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

4 participants