edoclin commented on issue #15750: URL: https://github.com/apache/dubbo/issues/15750#issuecomment-3484172405
> > UnsafeDeserializer constructs objects via allocateInstance; in certain scenarios, the deserialized object ends up with obj.all = null rather than the default obj.all = "all". > > [@edoclin](https://github.com/edoclin) could you provide an unit test? i can't reproduce what you said with such codes based on SerializeTestBase of `dubbo-hessian-lite` (https://github.com/apache/dubbo-hessian-lite/blob/master/java-8-test/src/test/java/com/alibaba/com/caucho/hessian/io/base/SerializeTestBase.java) : > > ``` > import com.alibaba.com.caucho.hessian.io.base.SerializeTestBase; > import org.junit.jupiter.api.Assertions; > import org.junit.jupiter.api.Test; > > import java.io.IOException; > import java.io.Serializable; > import java.math.BigInteger; > public class SampleTest extends SerializeTestBase { > @Test > void testSample() throws IOException { > Sample sample = new Sample(); > Sample result = baseHessian2Serialize(sample); > Assertions.assertEquals(sample.bigInteger, result.bigInteger); > Assertions.assertEquals(sample.all, result.all); > } > > private static class Sample implements Serializable { > private BigInteger bigInteger = new BigInteger("1234567890"); > private String all = "all"; > } > } > ``` > could you provide an unit test? i can't reproduce what you said with such codes based on SerializeTestBase of `dubbo-hessian-lite` Unit tests cannot reproduce this issue. In real business scenarios, there is a Dubbo invocation where the consumer relies on version `1.0.0` , with the parameter defined as: ```java public class MsgGetReq implements Serializable { private short appId; } ``` However, the provider has upgraded its dependency to version `1.0.1`, where the parameter is defined as: ```java public class MsgGetReq implements Serializable { // To accommodate certain changes in business requirements, we adopt adding default values to ensure compatibility with calls from version 1.0.0. private short type = 1; private short appId; } ``` Because the consumer’s serialized data does not include the `type` parameter, the provider, during deserialization, does not trigger Unsafe initialization for the `type` field, causing its default value to remain null . -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
