项目安全漏洞整改中将fastjson从1.2.50升级到1.2.75,项目中和外部系统交互中存在过滤器对请求报文解析头部,记录相关信息,头部信息中有时间类型,会出现解析错误。
public class A {
private RequestHead requestHead;
public RequestHead getRequestHead() {
return requestHead;
}
public void setRequestHead(RequestHead requestHead) {
this.requestHead = requestHead;
}
public static class RequestHead {
private Date date;
public Date getDate() {
return date;
}
public void setDate(Date date) {
this.date = date;
}
}
}
@Test
public void test02() {
String s = "{\"requestHead\":{\"date\":\"2021-06-10 15:19:37.947 CST\"}}";
RequestHead requestHead = JSON.parseObject(s).getObject("requestHead",A.RequestHead.class);
assertNotNull(requestHead);
}
com.alibaba.fastjson.JSONException: For input string: "2021-06-10 15:19:37.947 CST"
at com.alibaba.fastjson.util.TypeUtils.castToJavaBean(TypeUtils.java:1551)
at com.alibaba.fastjson.util.TypeUtils.cast(TypeUtils.java:1099)
at com.alibaba.fastjson.util.TypeUtils.castToJavaBean(TypeUtils.java:1058)
at com.alibaba.fastjson.JSONObject.getObject(JSONObject.java:163)
at test.TestUnit.test02(TestUnit.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:538)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:760)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:460)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:206)
Caused by: java.lang.NumberFormatException: For input string: "2021-06-10 15:19:37.947 CST"
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.lang.Long.parseLong(Long.java:589)
at java.lang.Long.parseLong(Long.java:631)
at com.alibaba.fastjson.serializer.DateCodec.cast(DateCodec.java:339)
at com.alibaba.fastjson.parser.deserializer.AbstractDateDeserializer.deserialze(AbstractDateDeserializer.java:184)
at com.alibaba.fastjson.parser.deserializer.AbstractDateDeserializer.deserialze(AbstractDateDeserializer.java:16)
at com.alibaba.fastjson.parser.deserializer.DefaultFieldDeserializer.parseField(DefaultFieldDeserializer.java:86)
at com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.createInstance(JavaBeanDeserializer.java:1402)
at com.alibaba.fastjson.util.TypeUtils.castToJavaBean(TypeUtils.java:1549)
... 27 more