fix: 修复切片长度校验和内存分配防护问题
All checks were successful
ci/woodpecker/push/my-first-workflow Pipeline was successful
All checks were successful
ci/woodpecker/push/my-first-workflow Pipeline was successful
refactor: 优化战斗循环中的宠物处理逻辑 refactor: 重构物品更新服务使用ORM模型
This commit is contained in:
xinian
@@ -160,12 +160,29 @@ func (f Fields) Unpack(r io.Reader, val reflect.Value, options *Options) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// -------------------------- 抽离的辅助方法:处理结构体字段 --------------------------
|
||||
// 定义全局的最大安全切片长度(可根据业务调整,建议通过 options 配置)
|
||||
const defaultMaxSafeSliceLen = 10000 // 1万,根据实际场景调整
|
||||
|
||||
// 新增错误类型,便于上层捕获
|
||||
var (
|
||||
ErrExceedMaxSliceLen = errors.New("slice length exceeds maximum safe limit")
|
||||
ErrInvalidSliceLen = errors.New("slice length is negative or zero")
|
||||
)
|
||||
|
||||
// unpackStructField 抽离重复的结构体解析逻辑,解决DRY问题
|
||||
// 修复点:增加长度校验和内存分配防护
|
||||
func (f Fields) unpackStructField(r io.Reader, fieldVal reflect.Value, length int, field *Field, options *Options) error {
|
||||
// 长度为0时直接返回,避免无效循环
|
||||
// 修复1:基础长度校验,拒绝无效/超大长度
|
||||
if length <= 0 {
|
||||
return nil
|
||||
return ErrInvalidSliceLen
|
||||
}
|
||||
|
||||
// 修复2:获取最大允许的切片长度(优先使用 options 配置,无则用默认值)
|
||||
maxSliceLen := defaultMaxSafeSliceLen
|
||||
|
||||
// 修复3:校验长度是否超过安全阈值,防止OOM
|
||||
if length > maxSliceLen {
|
||||
return fmt.Errorf("%w: requested %d, max allowed %d", ErrExceedMaxSliceLen, length, maxSliceLen)
|
||||
}
|
||||
|
||||
// 处理切片/数组类型的结构体字段
|
||||
@@ -175,6 +192,7 @@ func (f Fields) unpackStructField(r io.Reader, fieldVal reflect.Value, length in
|
||||
if field.Array {
|
||||
sliceVal = fieldVal
|
||||
} else {
|
||||
// 原逻辑:这里是OOM的核心触发点,现在已经提前做了长度校验
|
||||
sliceVal = reflect.MakeSlice(fieldVal.Type(), length, length)
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user