fastjson 1.2.28版本反序列化的时候使用ASM报错

lvmkulzt 于 2021-11-27 发布在 Java

关注(0)|答案(12)|浏览(670)

为解决安全问题，升级到1.2.28，但是在反序列化的时候，却遇到了如下问题。看起来是字节码版本的问题

Caused by: java.lang.VerifyError: (class: com/alibaba/fastjson/parser/deserializer/FastjsonASMDeserializer_37_PricingPO, method: deserialze signature: (Lcom/alibaba/fastjson/parser/DefaultJSONParser;Ljava/lang/reflect/Type;Ljava/lang/Object;I)Ljava/lang/Object;) Accessing value from uninitialized register 48
at java.lang.Class.getDeclaredConstructors0(Native Method) ~[na:1.7.0_55]
at java.lang.Class.privateGetDeclaredConstructors(Class.java:2493) ~[na:1.7.0_55]
at java.lang.Class.getConstructor0(Class.java:2803) ~[na:1.7.0_55]
at java.lang.Class.getConstructor(Class.java:1718) ~[na:1.7.0_55]
at com.alibaba.fastjson.parser.deserializer.ASMDeserializerFactory.createJavaBeanDeserializer(ASMDeserializerFactory.java:82) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.parser.ParserConfig.createJavaBeanDeserializer(ParserConfig.java:639) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.parser.ParserConfig.getDeserializer(ParserConfig.java:491) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.parser.ParserConfig.getDeserializer(ParserConfig.java:348) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.parser.DefaultJSONParser.parseObject(DefaultJSONParser.java:639) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.JSON.parseObject(JSON.java:350) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.JSON.parseObject(JSON.java:254) ~[fastjson-1.2.28.jar:na]
at com.alibaba.fastjson.JSON.parseObject(JSON.java:467) ~[fastjson-1.2.28.jar:na]
at com.oneplus.common.utils.JSONUtils.toBean(JSONUtils.java:32) ~[commons-3.0.9.jar:na]
at com.oneplus.goodscenter.service.core.service.assembler.SaleAssembler.buildSaleWithPendingData(SaleAssembler.java:46) ~[goodscenter-service-1.3.5.jar:na]
at com.oneplus.goodscenter.service.core.service.assembler.SaleAssembler$1.apply(SaleAssembler.java:61) ~[goodscenter-service-1.3.5.jar:na]

fastjson

来源：https://github.com/alibaba/fastjson/issues/1092

12条答案

按热度按时间

sbtkgmzw1#

问题在1.2.29中已经修复，原因是新加防重复功能时，在字段数量为32或者64时，计算本地变量出错了

赞(0）回复(0）举报 2021-11-27

txu3uszq2#

踩坑，扑通。。。

赞(0）回复(0）举报 2021-11-27

j8yoct9x3#

记录一下。

赞(0）回复(0）举报 2021-11-27

au9on6nz4#

踩了此坑，记录一下。。。。。。

赞(0）回复(0）举报 2021-11-27

jm81lzqq5#

此坑已入，排好队行

赞(0）回复(0）举报 2021-11-27

wh6knrhe6#

用最新版本1.2.47试试看

赞(0）回复(0）举报 2021-11-27

4c8rllxm7#

已入坑

赞(0）回复(0）举报 2021-11-27

von4xj4u8#

此坑已入，花了2个小时

赞(0）回复(0）举报 2021-11-27

bwleehnv9#

测试过,字段数量96, 版本1.2.47/1.2.13不行
Exception in thread "main" java.lang.VerifyError: (class: com/alibaba/fastjson/parser/deserializer/FastjsonASMDeserializer_1_FullReport, method: deserialze signature: (Lcom/alibaba/fastjson/parser/DefaultJSONParser;Ljava/lang/reflect/Type;Ljava/lang/Object;I)Ljava/lang/Object;) Illegal target of jump or branch
at java.lang.Class.getDeclaredConstructors0(Native Method)
at java.lang.Class.privateGetDeclaredConstructors(Class.java:2671)
at java.lang.Class.getConstructor0(Class.java:3075)
at java.lang.Class.getConstructor(Class.java:1825)
at com.alibaba.fastjson.parser.deserializer.ASMDeserializerFactory.createJavaBeanDeserializer(ASMDeserializerFactory.java:90)
at com.alibaba.fastjson.parser.ParserConfig.createJavaBeanDeserializer(ParserConfig.java:723)
at com.alibaba.fastjson.parser.ParserConfig.getDeserializer(ParserConfig.java:573)
at com.alibaba.fastjson.parser.ParserConfig.getDeserializer(ParserConfig.java:386)
at com.alibaba.fastjson.parser.DefaultJSONParser.parseObject(DefaultJSONParser.java:658)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:365)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:269)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:488)
at test.FullReportTest.main(FullReportTest.java:191)
应该是同一个问题,减一/加一字段数量后正常