Permalink
Browse files

bug fixed for autoType support.

  • Loading branch information...
wenshao committed Jan 28, 2017
1 parent b05ad72 commit d52085ef54b32dfd963186e583cbcdfff5d101b5
Showing with 1,174 additions and 68 deletions.
  1. +1 −1 src/main/java/com/alibaba/fastjson/parser/DefaultJSONParser.java
  2. +176 −34 src/main/java/com/alibaba/fastjson/parser/ParserConfig.java
  3. +5 −7 src/main/java/com/alibaba/fastjson/parser/deserializer/MapDeserializer.java
  4. +1 −1 src/main/java/com/alibaba/fastjson/support/config/FastJsonConfig.java
  5. +0 −1 src/main/java/com/alibaba/fastjson/support/spring/FastJsonHttpMessageConverter4.java
  6. +0 −1 src/main/java/com/alibaba/fastjson/support/spring/FastJsonpHttpMessageConverter4.java
  7. +0 −2 src/main/java/com/alibaba/fastjson/support/spring/FastJsonpResponseBodyAdvice.java
  8. +0 −2 src/main/java/com/alibaba/fastjson/support/spring/FastjsonSockJsMessageCodec.java
  9. +23 −0 src/main/java/com/alibaba/fastjson/util/IdentityHashMap.java
  10. +74 −2 src/main/java/com/alibaba/fastjson/util/TypeUtils.java
  11. +4 −0 src/test/java/com/alibaba/json/bvt/MapRefTest1.java
  12. +4 −0 src/test/java/com/alibaba/json/bvt/MapRefTest2.java
  13. +4 −0 src/test/java/com/alibaba/json/bvt/MapRefTest3.java
  14. +7 −2 src/test/java/com/alibaba/json/bvt/TestExternal3.java
  15. +6 −2 src/test/java/com/alibaba/json/bvt/TestExternal4.java
  16. +6 −2 src/test/java/com/alibaba/json/bvt/TestExternal5.java
  17. +6 −2 src/test/java/com/alibaba/json/bvt/TestExternal6.java
  18. +4 −0 src/test/java/com/alibaba/json/bvt/WriteClassNameTest.java
  19. +4 −0 src/test/java/com/alibaba/json/bvt/WriteClassNameTest2.java
  20. +5 −1 src/test/java/com/alibaba/json/bvt/bug/Bug_for_Johnny.java
  21. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_NonStringKeyMap.java
  22. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_SpitFire_6.java
  23. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_cduym.java
  24. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_dragoon26.java
  25. +5 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_dubbo.java
  26. +5 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_dubbo2.java
  27. +5 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_generic.java
  28. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_issue_184.java
  29. +5 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_issue_291.java
  30. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_issue_415.java
  31. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_issue_430.java
  32. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_lenolix_10.java
  33. +3 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_lenolix_11.java
  34. +3 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_lenolix_7.java
  35. +2 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_lenolix_8.java
  36. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_lenolix_9.java
  37. +20 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_liuying.java
  38. +3 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_stv_liu.java
  39. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Bug_for_zhaoyao.java
  40. +3 −0 src/test/java/com/alibaba/json/bvt/bug/Issue146.java
  41. +3 −0 src/test/java/com/alibaba/json/bvt/bug/Issue408.java
  42. +2 −0 src/test/java/com/alibaba/json/bvt/bug/Issue585.java
  43. +4 −0 src/test/java/com/alibaba/json/bvt/bug/Issue859.java
  44. +3 −0 src/test/java/com/alibaba/json/bvt/bug/Issue_748.java
  45. +3 −0 src/test/java/com/alibaba/json/bvt/bug/SerDeserTest.java
  46. +3 −0 src/test/java/com/alibaba/json/bvt/bug/TestJSONMap.java
  47. +2 −1 src/test/java/com/alibaba/json/bvt/parser/deser/AbstractSerializeTest.java
  48. +2 −0 src/test/java/com/alibaba/json/bvt/parser/deser/AbstractSerializeTest2.java
  49. +4 −0 src/test/java/com/alibaba/json/bvt/parser/deser/DefaultObjectDeserializerTest3.java
  50. +3 −0 src/test/java/com/alibaba/json/bvt/parser/deser/MapDeserializerTest.java
  51. +2 −2 src/test/java/com/alibaba/json/bvt/parser/deser/{ → deny}/DenyTest.java
  52. +45 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest10.java
  53. +50 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest11.java
  54. +2 −2 src/test/java/com/alibaba/json/bvt/parser/deser/{ → deny}/DenyTest2.java
  55. +2 −2 src/test/java/com/alibaba/json/bvt/parser/deser/{ → deny}/DenyTest3.java
  56. +28 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest4.java
  57. +24 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest5.java
  58. +32 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest6.java
  59. +40 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest7.java
  60. +36 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest8.java
  61. +35 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/DenyTest9.java
  62. +51 −0 src/test/java/com/alibaba/json/bvt/parser/deser/deny/InitJavaBeanDeserializerTest.java
  63. +40 −0 src/test/java/com/alibaba/json/bvt/parser/deser/generic/ByteListTest.java
  64. +27 −0 src/test/java/com/alibaba/json/bvt/parser/deser/generic/GenericMap.java
  65. +20 −0 src/test/java/com/alibaba/json/bvt/parser/deser/var/TwoTypeTest.java
  66. +16 −0 src/test/java/com/alibaba/json/bvt/serializer/exception/ExceptionTest.java
  67. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/MapTest.java
  68. +5 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest.java
  69. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest2.java
  70. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_Collection.java
  71. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_Collection2.java
  72. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_List.java
  73. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_List2.java
  74. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_Set.java
  75. +7 −1 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_Set2.java
  76. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_Set3.java
  77. +4 −0 src/test/java/com/alibaba/json/bvt/writeClassName/WriteClassNameTest_Set4.java
  78. +148 −0 src/test/java/com/alibaba/json/test/FNV32_CollisionTest_2.java
  79. +31 −0 src/test/java/com/alibaba/json/test/deny/NotExistsTest.java
  80. +36 −0 src/test/java/com/derbysoft/spitfire/fastjson/ABCTest.java
  81. +8 −0 src/test/java/com/mchange/v2/c3p0/impl/PoolBackedDataSourceBase.java
@@ -319,7 +319,7 @@ public final Object parseObject(final Map object, Object fieldName) {
if (key == JSON.DEFAULT_TYPE_KEY && !lexer.isEnabled(Feature.DisableSpecialKeyDetect)) {
String typeName = lexer.scanSymbol(symbolTable, '"');
Class<?> clazz = TypeUtils.loadClass(typeName, config.getDefaultClassLoader());
Class<?> clazz = config.checkAutoType(typeName);
if (clazz == null) {
object.put(JSON.DEFAULT_TYPE_KEY, typeName);
@@ -104,14 +104,9 @@
import com.alibaba.fastjson.serializer.ObjectArrayCodec;
import com.alibaba.fastjson.serializer.ReferenceCodec;
import com.alibaba.fastjson.serializer.StringCodec;
import com.alibaba.fastjson.util.ASMClassLoader;
import com.alibaba.fastjson.util.ASMUtils;
import com.alibaba.fastjson.util.FieldInfo;
import com.alibaba.fastjson.util.IOUtils;
import com.alibaba.fastjson.util.IdentityHashMap;
import com.alibaba.fastjson.util.JavaBeanInfo;
import com.alibaba.fastjson.util.ServiceLoader;
import com.alibaba.fastjson.util.*;
import javax.sql.DataSource;
import javax.xml.datatype.XMLGregorianCalendar;
/**
@@ -120,31 +115,51 @@
public class ParserConfig {
public final static String DENY_PROPERTY = "fastjson.parser.deny";
public final static String AUTOTYPE_ACCEPT = "fastjson.parser.autoTypeAccept";
public final static String AUTOTYPE_SUPPORT_PROPERTY = "fastjson.parser.autoTypeSupport";
public static final String[] DENYS=readSystemDenyPropety();
public static final String[] DENYS;
private static final String[] AUTO_TYPE_ACCEPT_LIST;
public static final boolean AUTO_SUPPORT;
static {
{
String property = IOUtils.getStringProperty(DENY_PROPERTY);
DENYS = splitItemsFormProperty(property);
}
{
String property = IOUtils.getStringProperty(AUTOTYPE_SUPPORT_PROPERTY);
AUTO_SUPPORT = "true".equals(property);
}
{
String property = IOUtils.getStringProperty(AUTOTYPE_ACCEPT);
AUTO_TYPE_ACCEPT_LIST = splitItemsFormProperty(property);
}
}
public static ParserConfig getGlobalInstance() {
return global;
}
public static ParserConfig global = new ParserConfig();
public static ParserConfig global = new ParserConfig();
private final IdentityHashMap<Type, ObjectDeserializer> derializers = new IdentityHashMap<Type, ObjectDeserializer>();
private final IdentityHashMap<Type, ObjectDeserializer> derializers = new IdentityHashMap<Type, ObjectDeserializer>();
private boolean asmEnable = !ASMUtils.IS_ANDROID;
private boolean asmEnable = !ASMUtils.IS_ANDROID;
public final SymbolTable symbolTable = new SymbolTable(4096);
public final SymbolTable symbolTable = new SymbolTable(4096);
public PropertyNamingStrategy propertyNamingStrategy;
protected ClassLoader defaultClassLoader;
protected ASMDeserializerFactory asmFactory;
private static boolean awtError = false;
private static boolean jdk8Error = false;
private static boolean awtError = false;
private static boolean jdk8Error = false;
private String[] denyList = new String[] { "java.lang.Thread" };
private boolean autoTypeSupport = AUTO_SUPPORT;
private String[] denyList = "bsh,com.mchange,com.sun.,java.lang.Thread,java.net.Socket,java.rmi,javax.xml,org.apache.bcel,org.apache.commons.beanutils,org.apache.commons.collections.Transformer,org.apache.commons.collections.functors,org.apache.commons.collections4.comparators,org.apache.commons.fileupload,org.apache.myfaces.context.servlet,org.apache.tomcat,org.apache.wicket.util,org.codehaus.groovy.runtime,org.hibernate,org.jboss,org.mozilla.javascript,org.python.core,org.springframework".split(",");
private String[] acceptList = new String[0];
public ParserConfig(){
this(null, null);
@@ -260,8 +275,9 @@ private ParserConfig(ASMDeserializerFactory asmFactory, ClassLoader parentClassL
derializers.put(Comparable.class, JavaObjectDeserializer.instance);
derializers.put(Closeable.class, JavaObjectDeserializer.instance);
addDeny("java.lang.Thread");
addItemsToDeny(DENYS);
addItemsToAccept(AUTO_TYPE_ACCEPT_LIST);
}
private static String[] splitItemsFormProperty(final String property ){
@@ -270,24 +286,56 @@ private ParserConfig(ASMDeserializerFactory asmFactory, ClassLoader parentClassL
}
return null;
}
public void configFromPropety(Properties properties) {
String property = properties.getProperty(DENY_PROPERTY);
String[] items =splitItemsFormProperty(property);
addItemsToDeny(items);
{
String property = properties.getProperty(DENY_PROPERTY);
String[] items = splitItemsFormProperty(property);
addItemsToDeny(items);
}
{
String property = properties.getProperty(AUTOTYPE_ACCEPT);
String[] items = splitItemsFormProperty(property);
addItemsToAccept(items);
}
{
String property = properties.getProperty(AUTOTYPE_SUPPORT_PROPERTY);
if ("true".equals(property)) {
this.autoTypeSupport = true;
} else if ("false".equals(property)) {
this.autoTypeSupport = false;
}
}
}
private void addItemsToDeny(final String[] items){
if (items!=null){
for (int i = 0; i < items.length; ++i) {
String item = items[i];
this.addDeny(item);
}
if (items == null){
return;
}
for (int i = 0; i < items.length; ++i) {
String item = items[i];
this.addDeny(item);
}
}
public static String[] readSystemDenyPropety() {
String property = IOUtils.getStringProperty(DENY_PROPERTY);
return splitItemsFormProperty(property);
private void addItemsToAccept(final String[] items){
if (items == null){
return;
}
for (int i = 0; i < items.length; ++i) {
String item = items[i];
this.addAccept(item);
}
}
public boolean isAutoTypeSupport() {
return autoTypeSupport;
}
public void setAutoTypeSupport(boolean autoTypeSupport) {
this.autoTypeSupport = autoTypeSupport;
}
public boolean isAsmEnable() {
@@ -359,12 +407,6 @@ public ObjectDeserializer getDeserializer(Class<?> clazz, Type type) {
String className = clazz.getName();
className = className.replace('$', '.');
for (int i = 0; i < denyList.length; ++i) {
String deny = denyList[i];
if (className.startsWith(deny)) {
throw new JSONException("parser deny : " + className);
}
}
if (className.startsWith("java.awt.") //
&& AwtCodec.support(clazz)) {
@@ -466,6 +508,24 @@ public ObjectDeserializer getDeserializer(Class<?> clazz, Type type) {
return derializer;
}
/**
*
* @since 1.2.25
*/
public void initJavaBeanDeserializers(Class<?>... classes) {
if (classes == null) {
return;
}
for (Class<?> type : classes) {
if (type == null) {
continue;
}
ObjectDeserializer deserializer = createJavaBeanDeserializer(type, type);
putDeserializer(type, deserializer);
}
}
public ObjectDeserializer createJavaBeanDeserializer(Class<?> clazz, Type type) {
boolean asmEnable = this.asmEnable;
if (asmEnable) {
@@ -698,9 +758,91 @@ public void addDeny(String name) {
return;
}
for (String item : denyList) {
if (name.equals(item)) {
return; // skip duplication
}
}
String[] denyList = new String[this.denyList.length + 1];
System.arraycopy(this.denyList, 0, denyList, 0, this.denyList.length);
denyList[denyList.length - 1] = name;
this.denyList = denyList;
}
public void addAccept(String name) {
if (name == null || name.length() == 0) {
return;
}
for (String item : acceptList) {
if (name.equals(item)) {
return; // skip duplication
}
}
String[] acceptList = new String[this.acceptList.length + 1];
System.arraycopy(this.acceptList, 0, acceptList, 0, this.acceptList.length);
acceptList[acceptList.length - 1] = name;
this.acceptList = acceptList;
}
public Class<?> checkAutoType(String typeName) {
if (typeName == null) {
return null;
}
final String className = typeName.replace('$', '.');
if (autoTypeSupport) {
for (int i = 0; i < denyList.length; ++i) {
String deny = denyList[i];
if (className.startsWith(deny)) {
throw new JSONException("autoType is not support. " + typeName);
}
}
}
Class<?> clazz = TypeUtils.getClassFromMapping(typeName);
if (clazz == null) {
clazz = derializers.findClass(typeName);
}
if (clazz != null) {
return clazz;
}
for (int i = 0; i < acceptList.length; ++i) {
String accept = acceptList[i];
if (className.startsWith(accept)) {
return TypeUtils.loadClass(typeName, defaultClassLoader);
}
}
if (autoTypeSupport) {
clazz = TypeUtils.loadClass(typeName, defaultClassLoader);
}
if (clazz != null) {
if (ClassLoader.class.isAssignableFrom(clazz) || DataSource.class.isAssignableFrom(clazz)) {
throw new JSONException("autoType is not support. " + typeName);
}
if (derializers.get(clazz) != null) {
return clazz;
}
if (Throwable.class.isAssignableFrom(clazz)) {
return clazz;
}
}
// java.awt.Desktop
if (!autoTypeSupport) {
throw new JSONException("autoType is not support. " + typeName);
}
return clazz;
}
}
@@ -10,12 +10,8 @@
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONException;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.parser.DefaultJSONParser;
import com.alibaba.fastjson.parser.*;
import com.alibaba.fastjson.parser.DefaultJSONParser.ResolveTask;
import com.alibaba.fastjson.parser.Feature;
import com.alibaba.fastjson.parser.JSONLexer;
import com.alibaba.fastjson.parser.JSONToken;
import com.alibaba.fastjson.parser.ParseContext;
import com.alibaba.fastjson.util.TypeUtils;
public class MapDeserializer implements ObjectDeserializer {
@@ -129,7 +125,9 @@ public static Map parseMap(DefaultJSONParser parser, Map<String, Object> map, Ty
if (key == JSON.DEFAULT_TYPE_KEY && !lexer.isEnabled(Feature.DisableSpecialKeyDetect)) {
String typeName = lexer.scanSymbol(parser.getSymbolTable(), '"');
Class<?> clazz = TypeUtils.loadClass(typeName, parser.getConfig().getDefaultClassLoader());
final ParserConfig config = parser.getConfig();
Class<?> clazz = config.checkAutoType(typeName);
if (Map.class.isAssignableFrom(clazz) ) {
lexer.nextToken(JSONToken.COMMA);
@@ -140,7 +138,7 @@ public static Map parseMap(DefaultJSONParser parser, Map<String, Object> map, Ty
continue;
}
ObjectDeserializer deserializer = parser.getConfig().getDeserializer(clazz);
ObjectDeserializer deserializer = config.getDeserializer(clazz);
lexer.nextToken(JSONToken.COMMA);
@@ -74,7 +74,7 @@ public FastJsonConfig() {
this.charset = IOUtils.UTF8;
this.serializeConfig = SerializeConfig.getGlobalInstance();
this.parserConfig = ParserConfig.getGlobalInstance();
this.parserConfig = new ParserConfig();
this.serializerFeatures = new SerializerFeature[0];
this.serializeFilters = new SerializeFilter[0];
@@ -62,7 +62,6 @@ protected boolean supports(Class<?> paramClass) {
return true;
}
@Override
public Object read(Type type, //
Class<?> contextClass, //
HttpInputMessage inputMessage //
@@ -110,7 +110,6 @@ protected boolean supports(Class<?> paramClass) {
return true;
}
@Override
public Object read(Type type, //
Class<?> contextClass, //
HttpInputMessage inputMessage //
@@ -38,12 +38,10 @@ public FastJsonpResponseBodyAdvice(String... queryParamNames) {
this.jsonpQueryParamNames = queryParamNames;
}
@Override
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
return FastJsonpHttpMessageConverter4.class.isAssignableFrom(converterType);
}
@Override
public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request,
ServerHttpResponse response) {
@@ -11,12 +11,10 @@
public class FastjsonSockJsMessageCodec extends AbstractSockJsMessageCodec {
@Override
public String[] decode(String content) throws IOException {
return JSON.parseObject(content, String[].class);
}
@Override
public String[] decodeInputStream(InputStream content) throws IOException {
return JSON.parseObject(content, String[].class);
}
Oops, something went wrong.

0 comments on commit d52085e

Please sign in to comment.