Search

CN-121979502-A - Zero-invasion-oriented compiling-period type conversion generation method

CN121979502ACN 121979502 ACN121979502 ACN 121979502ACN-121979502-A

Abstract

A zero-intrusion-oriented compile-time type conversion generation method is disclosed. The method comprises the steps of scanning and analyzing type conversion notes in source codes, constructing generation tasks for the type conversion notes, enabling the generation tasks to indicate annotated element information and target type expressions, constructing source type descriptors and target type descriptors for the annotated elements and the target type expressions respectively for each generation task, enabling the source type descriptors and the target type descriptors to be based on the same data model, executing consistency check on the source type descriptors and the target type descriptors in each generation task, judging the generation task capable of performing safety conversion on the consistency check, generating type safety converter class codes, embedding safety enhancement logic based on the type conversion notes in the converter class codes, and realizing safety type conversion when the converter class codes are called. The embodiment can automatically generate the type-safe converter class code on the premise of not changing the business logic.

Inventors

  • LI PENGFEI
  • Shao Fuqiao

Assignees

  • 北京领雁科技股份有限公司

Dates

Publication Date
20260505
Application Date
20260119

Claims (10)

  1. 1. A zero-invasion-oriented compile-time type conversion generation method is characterized by comprising the following steps of: Scanning and analyzing type conversion notes in source codes, and constructing a generation task for the type conversion notes, wherein the generation task indicates annotated element information and a target type expression; For each generation task, constructing a source type descriptor for the annotated element, constructing a target type descriptor for the target type expression, the source type descriptor and the target type descriptor being based on the same data model; performing a consistency check on the source type descriptor and the target type descriptor in each generation task; And generating a type-safe converter class code, wherein security enhancement logic based on type conversion annotation is embedded in the converter class code, and the type conversion is realized when the converter class code is called.
  2. 2. The compile-time type conversion generation method of claim 1, wherein constructing a source type descriptor for an annotated element comprises: obtaining original type and parameter information of the annotated elements specified by a compiler by using type information provided by the compiler, and updating the original type and parameter information to original type and parameter groups in the source type descriptor; building a target type descriptor for the target type expression includes: Performing lexical or grammatical parsing on the target type expression and generating a grammar tree, and Mapping the syntax tree into the target type descriptor based on the parsing context, wherein the original type and the value of the parameter group in the target type descriptor are derived from the target type expression.
  3. 3. The method of claim 2, wherein the consistency check comprises checking whether the original type in the source type descriptor and the target type descriptor are compatible and whether the lengths of the parameter sets are consistent.
  4. 4. The compile-time type conversion generation method of claim 1, wherein generating type-safe converter class code comprises: Traversing the matching nodes of the target type descriptor and the source type descriptor from bottom to top to determine whether the matching nodes require an auxiliary conversion method and generating a private auxiliary conversion method based thereon, and And generating a top-level public conversion method, wherein the public conversion method internally calls the private auxiliary conversion method and integrates security enhancement logic based on the type conversion annotation.
  5. 5. The compile-time type conversion generation method of claim 4, wherein when generating the private auxiliary conversion method, generating a placeholder implementation for the detected circularly dependent type and replacing it with a complete implementation in a subsequent processing round.
  6. 6. The compile-time type conversion generation method of claim 1, wherein the security enhancement logic comprises one or more of null policy handling, type assertions, exception trapping, immutable set wrapping, and conversion report dotting.
  7. 7. The compile-time type conversion generation method of claim 1, further comprising: a manifest file is generated at compile time, the manifest file including a task identification, a generated converter class name, a type key, version information, and a signature.
  8. 8. The compile-time type conversion generation method of claim 1, further comprising invoking the converter class code by one of: The service code directly and statically calls the generated converter class; dynamically searching and calling a converter based on a type key through a runtime registry; the generated converter is registered into a conversion service of the application framework through the framework adapter.
  9. 9. A computing device comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program implements the steps of the compile-time type conversion generation method of any one of claims 1 to 8.
  10. 10. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the compile-time type conversion generation method according to any one of claims 1 to 8.

Description

Zero-invasion-oriented compiling-period type conversion generation method Technical Field The embodiment of the disclosure relates to the technical field of computers, in particular to a zero-invasion-oriented compile-time type conversion generation method. Background Java has a compiler that converts Java source code into bytecodes (.class files) and a virtual machine that loads and runs the bytecodes. Among other things, various types of transformations are defined in Java source code, which are typically verified by a compiler. There are some translations, however, that the compiler has verified, but the virtual machine detects that the inter-type translations are not compatible and throws out the runtime exception 'classCastException'. Such anomalies come from the following: 1. The security of the universal type is insufficient, and the class CastException' is easy to appear in the running process due to a Java universal type erasure mechanism; 2. The limitation of dynamic conversion is that the conversion of the object and the byte stream is realized through forced conversion, but the analysis is still dependent on the operation time, and the guarantee of the compiling period is lacking. 3. The usage limitations of Annotation Processors (APT) are that although they involve the use of APT to generate conversion logic, only limited scenarios such as null values are handled, and there is no deep support for complex structures, nor is security enhancement mechanisms (e.g., immutable set generation, strongly typed assertions) incorporated. Accordingly, there is a need for an improved scheme that eliminates type conversion insecurities at compile time, automatically generates depth conversion logic, and enhances runtime security. Disclosure of Invention An object of an embodiment of the present disclosure is to provide a method for generating a compile-time type conversion into zero invasion, so as to solve the problems in the prior art. According to a first aspect of an embodiment of the present disclosure, there is provided a zero-intrusion-oriented compile-time type conversion generation method, including: Scanning and analyzing type conversion notes in source codes, and constructing a generation task for the type conversion notes, wherein the generation task indicates annotated element information and a target type expression; For each generation task, constructing a source type descriptor for the annotated element, constructing a target type descriptor for the target type expression, the source type descriptor and the target type descriptor being based on the same data model; performing a consistency check on the source type descriptor and the target type descriptor in each generation task; And generating a type-safe converter class code, wherein security enhancement logic based on type conversion annotation is embedded in the converter class code, and the type conversion is realized when the converter class code is called. In some embodiments, constructing a source type descriptor for the annotated element includes: obtaining original type and parameter information of the annotated elements specified by a compiler by using type information provided by the compiler, and updating the original type and parameter information to original type and parameter groups in the source type descriptor; building a target type descriptor for the target type expression includes: Performing lexical or grammatical parsing on the target type expression and generating a grammar tree, and Mapping the syntax tree into the target type descriptor based on the parsing context, wherein the original type and the value of the parameter group in the target type descriptor are derived from the target type expression. In some embodiments, the consistency check includes checking whether the original types in the source type descriptor and the target type descriptor are compatible and whether the lengths of the parameter sets are consistent. In some embodiments, the generating type-safe converter class code includes: Traversing the matching nodes of the target type descriptor and the source type descriptor from bottom to top to determine whether the matching nodes require an auxiliary conversion method and generating a private auxiliary conversion method based thereon, and And generating a top-level public conversion method, wherein the public conversion method internally calls the private auxiliary conversion method and integrates security enhancement logic based on the type conversion annotation. In some embodiments, when generating the private auxiliary conversion method, a placeholder implementation is generated for the detected circularly dependent type and replaced with a complete implementation in a subsequent processing round. In some embodiments, the security enhancement logic includes one or more of null policy handling, type assertions, exception trapping, immutable set wrapping, and conversion report dotting. In some embodi