fastjson icon indicating copy to clipboard operation
fastjson copied to clipboard
verified publisher icon alibaba

修复解析JsonString时没有方括号的字符串可以转成对象List属性的问题。

Open ma349432587 opened this issue 7 years ago • 5 comments

1.修复解析JsonString时没有方括号的字符串可以转成对象List属性的问题。 2.修复一个异常输出信息拼写错误。 3.add testcase.

ma349432587 avatar May 08 '18 10:05 ma349432587

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
5 out of 7 committers have signed the CLA.

:white_check_mark: VictorZeng
:white_check_mark: wenshao
:white_check_mark: severalfly
:white_check_mark: M-AJ
:white_check_mark: kimmking
:x: cnlyml
:x: netroby

cnlyml seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar May 08 '18 10:05 CLAassistant

CLA assistant check
Thank you for your submission, we really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

maxiaoyao seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar May 08 '18 10:05 CLAassistant

Codecov Report

Merging #1836 into master will decrease coverage by <.01%. The diff coverage is 100%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master    #1836      +/-   ##
============================================
- Coverage     81.06%   81.06%   -0.01%     
+ Complexity     6210     6209       -1     
============================================
  Files           137      137              
  Lines         23081    23077       -4     
  Branches       5343     5342       -1     
============================================
- Hits          18711    18707       -4     
- Misses         3024     3026       +2     
+ Partials       1346     1344       -2
Impacted Files Coverage Δ Complexity Δ
...r/deserializer/ArrayListTypeFieldDeserializer.java 73.52% <100%> (-0.06%) 20 <0> (ø)
...com/alibaba/fastjson/parser/DefaultJSONParser.java 88.17% <100%> (ø) 304 <0> (ø) :arrow_down:
...ava/com/alibaba/fastjson/parser/JSONLexerBase.java 71.82% <0%> (-0.04%) 787% <0%> (-1%)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update af36516...50558b8. Read the comment docs.

codecov-io avatar May 08 '18 10:05 codecov-io

你加的 test case 里的 JSON 串是 "{\"sources\":\"5,6\"}" ,对应了 JSON {"sources": "5,6"}。 我在你 commit 之前的版本 af3651681be2538878d41ae809dfcf64704c315d 试了,以 class ListPropertyBean { List<Integer> sources; } 为 parsing 目标,parse "{\"sources\":\"5,6\"}" 时确实不会抛出任何 exception,而是得到一个这样的对象(这里写它转成 JSON 后的形式):{"sources": [56]}。吃惊。

但有点儿怀疑这是个用于所谓“容错”的 feature,如: https://github.com/alibaba/fastjson/issues/825 https://github.com/alibaba/fastjson/issues/1853 虽然这俩 issue 尚未被实现或讨论。

除此之外我还看了一些 issue,想到,这些还是 JSON [de]serializer 的职责范围吗 ( ´_ゝ`)

SnowOnion avatar May 20 '18 04:05 SnowOnion

个人觉得对错误JSON的兼容不是一个好的特性。 https://github.com/alibaba/fastjson/issues/825 这个issue的提出是缺乏思考的,不做评价。 https://github.com/alibaba/fastjson/issues/1853 的提出与我遇到问题类似,都是对不规范JSON语法做了兼容而引发的另一个问题,比如我遇到的这个issue在某种层面上看来就是一个可攻击的漏洞。

ma349432587 avatar May 26 '18 12:05 ma349432587