1. 首页
  2. 问答
  3. [alibaba/fastjson]序列化mock对象导致StackOverflowError错误

[alibaba/fastjson]序列化mock对象导致StackOverflowError错误

2023-12-11 38 views
7
问题

对一个mock对象执行 JSON.toJSON 会抛错

可能带来的影响是:如果做了try catch且在catch异常里面打日志(常见做法)等获取栈信息时,会引发StackOverflowError,该操作非常耗时,影响系统稳定性,甚至被利用做攻击

附:试了jackson和gson无此问题

环境
  • fastjson 1.2.83
  • mockito 3.5.11
  • jdk 1.8.301.09
  • osx
示例代码 
try {
    Object a_pojo_object = Mockito.mock(SomePOJO.class);
    JSON.toJSON(a_pojo_object);
} catch (Exception e) {
    e.printStackTrace();
    //logger.error(e.getMessage(), e);
}
错误日志(现象一) 
com.alibaba.fastjson.JSONException: toJSON error
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1226)
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1116)
    at JsonErrTest.testJsonErr(JsonErrTest.java:32)
        ...
Caused by: com.alibaba.fastjson.JSONException: toJSON error
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1226) ~[fastjson-1.2.83.jar:?]
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223) ~[fastjson-1.2.83.jar:?]
    ... 12 more
Caused by: com.alibaba.fastjson.JSONException: toJSON error
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1226) ~[fastjson-1.2.83.jar:?]
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223) ~[fastjson-1.2.83.jar:?]
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223) ~[fastjson-1.2.83.jar:?]
    ... 12 more
Caused by: com.alibaba.fastjson.JSONException: toJSON error
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1226) ~[fastjson-1.2.83.jar:?]
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223) ~[fastjson-1.2.83.jar:?]
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223) ~[fastjson-1.2.83.jar:?]
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223) ~[fastjson-1.2.83.jar:?]
    ... 12 more
long long...
截图

image

错误日志(现象二) 
java.lang.reflect.InvocationTargetException
    at sun.reflect.GeneratedMethodAccessor565.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.alibaba.fastjson.util.FieldInfo.get(FieldInfo.java:571)
    at com.alibaba.fastjson.serializer.FieldSerializer.getPropertyValue(FieldSerializer.java:151)
    at com.alibaba.fastjson.serializer.JavaBeanSerializer.getFieldValuesMap(JavaBeanSerializer.java:799)
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1221)
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223)
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223)
    at com.alibaba.fastjson.JSON.toJSON(JSON.java:1223)
long long...
错误日志(现象三) 
java.lang.StackOverflowError
    at sun.nio.cs.UTF_8$Encoder.encodeLoop(UTF_8.java:691)
    at java.nio.charset.CharsetEncoder.encode(CharsetEncoder.java:579)
    at sun.nio.cs.StreamEncoder.implWrite(StreamEncoder.java:271)
    at sun.nio.cs.StreamEncoder.write(StreamEncoder.java:125)
    at java.io.OutputStreamWriter.write(OutputStreamWriter.java:207)
    at java.io.BufferedWriter.flushBuffer(BufferedWriter.java:129)
    at java.io.PrintStream.write(PrintStream.java:526)
    at java.io.PrintStream.print(PrintStream.java:669)
    at java.io.PrintStream.println(PrintStream.java:823)
    at java.lang.Throwable$WrappedPrintStream.println(Throwable.java:749)
    at java.lang.Throwable.printEnclosedStackTrace(Throwable.java:696)
    at java.lang.Throwable.printEnclosedStackTrace(Throwable.java:710)
    at java.lang.Throwable.printEnclosedStackTrace(Throwable.java:710)
    at java.lang.Throwable.printEnclosedStackTrace(Throwable.java:710)
long long...

atealxt

回答

5

不太确定是否和其它搜到的SOE问题类似,比如是否是mock对象引起某种循环依赖。由于现象有不一样的地方,且最新版fastjson可重现,所以提了一个新issue

atealxt

 相关问题