baidu/openrasp

When hooking a constructor, jsoniter serialization fails with self-recursion, eventually causing a StackOverflowError

eastlong opened this issue · 0 comments

Background

I need to hook constructors.

Problem

The program reaches the following code in com.baidu.openrasp.plugin.js.JS:

    public static List<EventInfo> Check(CheckParameter checkParameter) {
        Type type = checkParameter.getType();
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        JsonStream.serialize(checkParameter.getParams(), out);
        out.write(0);

The call JsonStream.serialize(checkParameter.getParams(), out); fails with this error:

    2023-11-13 14:34:16,280 ERROR [http-nio-8080-exec-5][com.baidu.openrasp.messaging.LogTool] [E20005] http://127.0.0.1:8080/vulns/002-file-read.jsp plugin check error: java.lang.StackOverflowError because: null:
    java.lang.StackOverflowError
        at java.lang.reflect.InvocationTargetException.<init>(InvocationTargetException.java:72)
        at sun.reflect.GeneratedMethodAccessor47.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at com.baidu.openrasp.jsoniter.output.ReflectionObjectEncoder.enocde_(ReflectionObjectEncoder.java:77)
        at com.baidu.openrasp.jsoniter.output.ReflectionObjectEncoder.encode(ReflectionObjectEncoder.java:37)
        at com.baidu.openrasp.jsoniter.output.JsonStream.writeVal(JsonStream.java:362)
        at com.baidu.openrasp.jsoniter.output.ReflectionObjectEncoder.writeEncodeTo(ReflectionObjectEncoder.java:121)
        at com.baidu.openrasp.jsoniter.output.ReflectionObjectEncoder.enocde_(ReflectionObjectEncoder.java:78)
        at com.baidu.openrasp.jsoniter.output.ReflectionObjectEncoder.encode(ReflectionObjectEncoder.java:37)
        at com.baidu.openrasp.jsoniter.output.JsonStream.writeVal(JsonStream.java:362)

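Execution never gets past this point. Has anyone run into a similar problem? Is there a solution? I have been stuck on this for 3 days and would appreciate any pointers.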
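
Added example, not part of the issue and not OpenRASP code: one way to keep a getter-walking encoder from recursing without end is to reduce hook parameters to plain maps, lists and scalars, with cycle detection and a depth bound, before they are serialized. It assumes the parameters contain an object whose getters lead back to itself, which the issue does not confirm; `SafeParams`, `flatten`, `MAX_DEPTH` and `Node` are hypothetical names.

```java
import java.lang.reflect.Method;
import java.util.*;

public class SafeParams {
    static final int MAX_DEPTH = 8; // assumed bound, not an OpenRASP setting
    // Hypothetical helper: reduce any object to Map/List/String/Number/Boolean before encoding.
    static Object flatten(Object o, Set<Object> onPath, int depth) {
        if (o == null || o instanceof String || o instanceof Number || o instanceof Boolean) return o;
        if (depth >= MAX_DEPTH) return "<max-depth>";
        if (!onPath.add(o)) return "<cycle:" + o.getClass().getName() + ">"; // already being encoded
        try {
            if (o instanceof Collection) {
                List<Object> list = new ArrayList<>();
                for (Object e : (Collection<?>) o) list.add(flatten(e, onPath, depth + 1));
                return list;
            }
            Map<String, Object> map = new LinkedHashMap<>();
            if (o instanceof Map) {
                for (Map.Entry<?, ?> e : ((Map<?, ?>) o).entrySet())
                    map.put(String.valueOf(e.getKey()), flatten(e.getValue(), onPath, depth + 1));
                return map;
            }
            if (o.getClass().isArray() || o.getClass().getName().startsWith("java."))
                return String.valueOf(o); // do not walk JDK internals
            for (Method m : o.getClass().getMethods()) { // public zero-argument getters only
                String n = m.getName();
                if (!n.startsWith("get") || n.equals("getClass") || m.getParameterCount() != 0) continue;
                try {
                    map.put(n.substring(3), flatten(m.invoke(o), onPath, depth + 1));
                } catch (ReflectiveOperationException ex) {
                    map.put(n.substring(3), "<unreadable>");
                }
            }
            return map;
        } finally {
            onPath.remove(o); // track the current path only, so shared non-cyclic objects still encode
        }
    }

    // Constructed sample: a getter that returns the object itself.
    public static class Node {
        public String getName() { return "n"; }
        public Node getSelf() { return this; }
    }
    public static void main(String[] args) {
        Set<Object> onPath = Collections.newSetFromMap(new IdentityHashMap<Object, Boolean>());
        System.out.println(flatten(new Node(), onPath, 0));
    }
}
```

The identity-based set matters here: an `equals`-based set could call into the hooked object's own `equals`/`hashCode` and recurse again.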