实验环境说明:
1:JDK 1.8.0_241
2:IDEA IntelliJ 2018.3
3:Lombok 1.18.8
由于Fastjson漏洞比较多,所以,我调研换用Jackson是否OK,在实验的过程中发现了Lombok的一个细节,如果不注意,可能存在问题,问题比较简单,代码一贴基本就能看出来了!
4:源码如下所示
import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; @Data @NoArgsConstructor @AllArgsConstructor public class TestLombok { private long _long; private Long _Long; private byte _byte; private Byte _Byte; private double _double; private Double _Double; private boolean _boolean; private Boolean _Boolean; private float _float; private Float _Float; private String myName; private String mYnAmE; private String MyNaMe; private String my_name; }
5:生成的反编译字节码如下所示
public class TestLombok { private long _long; private Long _Long; private byte _byte; private Byte _Byte; private double _double; private Double _Double; private boolean _boolean; private Boolean _Boolean; private float _float; private Float _Float; private String myName; private String mYnAmE; private String MyNaMe; private String my_name; public long get_long() { return this._long; } public byte get_byte() { return this._byte; } public double get_double() { return this._double; } public boolean is_boolean() { return this._boolean; } public Boolean get_Boolean() { return this._Boolean; } public float get_float() { return this._float; } public String getMyName() { return this.myName; } public String getMy_name() { return this.my_name; } public void set_long(long _long) { this._long = _long; } public void set_byte(byte _byte) { this._byte = _byte; } public void set_double(double _double) { this._double = _double; } public void set_boolean(boolean _boolean) { this._boolean = _boolean; } public void set_float(float _float) { this._float = _float; } public void setMyName(String myName) { this.myName = myName; } public void setMy_name(String my_name) { this.my_name = my_name; } public boolean equals(Object o) { if (o == this) { return true; } else if (!(o instanceof TestLombok)) { return false; } else { TestLombok other = (TestLombok)o; if (!other.canEqual(this)) { return false; } else if (this.get_long() != other.get_long()) { return false; } else if (this.get_long() != other.get_long()) { return false; } else if (this.get_byte() != other.get_byte()) { return false; } else if (this.get_byte() != other.get_byte()) { return false; } else if (Double.compare(this.get_double(), other.get_double()) != 0) { return false; } else if (Double.compare(this.get_double(), other.get_double()) != 0) { return false; } else { label106: { Object this$_boolean = this.get_Boolean(); Object other$_boolean = other.get_Boolean(); if (this$_boolean == null) { if (other$_boolean == null) { break label106; } } else if (this$_boolean.equals(other$_boolean)) { break label106; } return false; } Object this$_Boolean = this.get_Boolean(); Object other$_Boolean = other.get_Boolean(); if (this$_Boolean == null) { if (other$_Boolean != null) { return false; } } else if (!this$_Boolean.equals(other$_Boolean)) { return false; } if (Float.compare(this.get_float(), other.get_float()) != 0) { return false; } else if (Float.compare(this.get_float(), other.get_float()) != 0) { return false; } else { label89: { Object this$myName = this.getMyName(); Object other$myName = other.getMyName(); if (this$myName == null) { if (other$myName == null) { break label89; } } else if (this$myName.equals(other$myName)) { break label89; } return false; } Object this$mYnAmE = this.getMyName(); Object other$mYnAmE = other.getMyName(); if (this$mYnAmE == null) { if (other$mYnAmE != null) { return false; } } else if (!this$mYnAmE.equals(other$mYnAmE)) { return false; } label75: { Object this$MyNaMe = this.getMyName(); Object other$MyNaMe = other.getMyName(); if (this$MyNaMe == null) { if (other$MyNaMe == null) { break label75; } } else if (this$MyNaMe.equals(other$MyNaMe)) { break label75; } return false; } Object this$my_name = this.getMy_name(); Object other$my_name = other.getMy_name(); if (this$my_name == null) { if (other$my_name != null) { return false; } } else if (!this$my_name.equals(other$my_name)) { return false; } return true; } } } } protected boolean canEqual(Object other) { return other instanceof TestLombok; } public int hashCode() { int PRIME = true; int result = 1; long $_long = this.get_long(); int result = result * 59 + (int)($_long >>> 32 ^ $_long); long $_Long = this.get_long(); result = result * 59 + (int)($_Long >>> 32 ^ $_Long); result = result * 59 + this.get_byte(); result = result * 59 + this.get_byte(); long $_double = Double.doubleToLongBits(this.get_double()); result = result * 59 + (int)($_double >>> 32 ^ $_double); long $_Double = Double.doubleToLongBits(this.get_double()); result = result * 59 + (int)($_Double >>> 32 ^ $_Double); Object $_boolean = this.get_Boolean(); result = result * 59 + ($_boolean == null ? 43 : $_boolean.hashCode()); Object $_Boolean = this.get_Boolean(); result = result * 59 + ($_Boolean == null ? 43 : $_Boolean.hashCode()); result = result * 59 + Float.floatToIntBits(this.get_float()); result = result * 59 + Float.floatToIntBits(this.get_float()); Object $myName = this.getMyName(); result = result * 59 + ($myName == null ? 43 : $myName.hashCode()); Object $mYnAmE = this.getMyName(); result = result * 59 + ($mYnAmE == null ? 43 : $mYnAmE.hashCode()); Object $MyNaMe = this.getMyName(); result = result * 59 + ($MyNaMe == null ? 43 : $MyNaMe.hashCode()); Object $my_name = this.getMy_name(); result = result * 59 + ($my_name == null ? 43 : $my_name.hashCode()); return result; } public String toString() { return "TestLombok(_long=" + this.get_long() + ", _Long=" + this.get_long() + ", _byte=" + this.get_byte() + ", _Byte=" + this.get_byte() + ", _double=" + this.get_double() + ", _Double=" + this.get_double() + ", _boolean=" + this.get_Boolean() + ", _Boolean=" + this.get_Boolean() + ", _float=" + this.get_float() + ", _Float=" + this.get_float() + ", myName=" + this.getMyName() + ", mYnAmE=" + this.getMyName() + ", MyNaMe=" + this.getMyName() + ", my_name=" + this.getMy_name() + ")"; } public TestLombok() { } public TestLombok(long _long, Long _Long, byte _byte, Byte _Byte, double _double, Double _Double, boolean _boolean, Boolean _Boolean, float _float, Float _Float, String myName, String mYnAmE, String MyNaMe, String my_name) { this._long = _long; this._Long = _Long; this._byte = _byte; this._Byte = _Byte; this._double = _double; this._Double = _Double; this._boolean = _boolean; this._Boolean = _Boolean; this._float = _float; this._Float = _Float; this.myName = myName; this.mYnAmE = mYnAmE; this.MyNaMe = MyNaMe; this.my_name = my_name; } }
6:结论
6-1:自动生成的Setter/Getter方法少了,貌似属性不区分大小写
6-2:equals方法也是存在问题,某些属性的Getter方法使用错误