序列化类:
public final class PushMsg { private final MsgType msgType; private String msgId; private String content; public PushMsg(MsgType msgType,String msgId,String content) { this.msgType = msgType; this.msgId = msgId; this.content = content; } public PushMsg(MsgType msgType) { this.msgType = msgType; } public static PushMsg build(MsgType msgType, String content) { PushMsg pushMessage = new PushMsg(msgType); pushMessage.setContent(content); return pushMessage; } public MsgType getMsgType(){ return msgType; } public String getMsgId() { return msgId; } public void setMsgId(String msgId) { this.msgId = msgId; } public String getContent() { return content; } public void setContent(String content) { this.content = content; } }
json字符串:
json={"content":"{\"type\":1,\"content\":{\"cmd\":20000,\"param\":[]}}","msgId":"654321","msgType":"MESSAGE"}
反序列化为PushMsg对象:PushMsg obj = JSON.parseObject(json, PushMsg.class);
在本地Win7环境,运行没有问题,obj的三个fields都能正常被反序列化赋值。
诡异的是在Linux环境运行,obj有时候的msgId和content反序列后为null!
经过排查,是因为PushMsg给出了两个构造函数,注释掉第二个就可以了!fastjson会随机使用一个?
这有待进一步分析其源码。
网上查询了一下:
1.相关的:https://my.oschina.net/zjg23/blog/1785611
2.还有一个说有漏洞可以攻击的,比较有意思,以后找时间也看看:
http://www.cnblogs.com/mrchang/p/6789060.html