search

Tencent / APIJSON

🏆 实时 零代码、全功能、强安全 ORM 库 🚀 后端接口和文档零代码,前端(客户端) 定制返回 JSON 的数据和结构 🏆 Real-Time coding-free, powerful and secure ORM 🚀 providing APIs and Docs without coding by Backend, and the returned JSON of API can be customized by Frontend(Client) users
http://apijson.cn
Other
17.14k stars 2.15k forks source link

Potential NPE in apijson.orm.AbstractParser #234

Open ErrReporter opened 3 years ago

ErrReporter commented 3 years ago

环境信息

问题描述

Hello, Our code analyses found the following potential NPE:

  1. null作为第2个参数传递给函数onObjectParse https://github.com/Tencent/APIJSON/blob/d78967a05d8b6a51ae3f7f28266b8cd87f2cc42f/APIJSONORM/src/main/java/apijson/orm/AbstractParser.java#L373

  2. 调用parentPath的java.lang.String.lastIndexOf方法(parentPath可能为空指针) https://github.com/Tencent/APIJSON/blob/d78967a05d8b6a51ae3f7f28266b8cd87f2cc42f/APIJSONORM/src/main/java/apijson/orm/AbstractParser.java#L879

Commit: d78967a05d8b6a51ae3f7f28266b8cd87f2cc42f

TommyLemon commented 3 years ago

感谢反馈,实际使用是不会触发的。 image

isArrayMainTable 是指 

{
  "[]": {
      "Table": {  // 对应 parentPath 为 []
      }
   }
}

里面的 Table, 对应 parentPath 为 [],一定不是 null。不过加个判空也行,减少大家的困惑。 可以提个 Pull Request,会把你加到贡献者列表里哦 https://github.com/Tencent/APIJSON/blob/master/CONTRIBUTING.md