修复 solon-expression 表达式遇到非法特殊符可能会 oom 的问题（重要）

Author: noear

UPDATE_LOG.md

@@ -1,4 +1,27 @@
 
+### v3.10.1
+
+* 修复 solon-expression 表达式遇到非法特殊符可能会 oom 的问题（重要）
+
+
+### v3.10.0
+
+* 添加 `solon-expression` 添加 `@bean` 表达式支持
+
+示例：
+
+```java
+Map<String, Object> vars = new HashMap();
+vars.put("a", 1);
+
+EnhanceContext context = new EnhanceContext(vars);
+context.forBeans(Solon.context()::getBean);
+
+SnEL.eval("@user.getAge() == a ? true : false", context);
+```
+
+
+
 ### v3.9.6
 
 * 添加 `solon-expression` 添加 `@bean` 表达式支持

solon-expression-test/src/test/java/features/expr/SnelEvaluateParserNewFeatureTest.java

@@ -79,9 +79,11 @@ public void testCustomPropertyMarker2() {
 
         customParser.parse("{test}", false);
 
-        // 场景 B: 新的 %{} 应当被识别为 PropertyNode (TemplateNode)
-        // 只要不报错，说明 isPropertyStart 逻辑生效
         Assertions.assertDoesNotThrow(() -> {
+            customParser.parse("{app.name}", false);
+        });
+
+        Assertions.assertThrows(Throwable.class, () -> {
             customParser.parse("%{app.name}", false);
         });
     }

solon-expression-test/src/test/java/features/expr/issues/Issue_IHPAQ3.java

@@ -1,8 +1,10 @@
 package features.expr.issues;
 
 import lombok.Data;
+import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.noear.solon.expression.context.EnhanceContext;
+import org.noear.solon.expression.exception.CompilationException;
 import org.noear.solon.expression.snel.SnEL;
 
 import java.io.Serializable;
@@ -47,7 +49,13 @@ public void test2() {
         EnhanceContext context = new EnhanceContext(vars);
         context.forBeans(beans::get);
 
-        System.out.println(SnEL.eval("@user.bb($uuu)", context));
+        Assertions.assertThrows(CompilationException.class, () -> {
+            SnEL.eval("@user.bb($uuu)", context);
+        });
+
+        Assertions.assertThrows(CompilationException.class, () -> {
+            SnEL.eval("@user.bb(%uuu)", context);
+        });
     }
 
 

solon-expression/src/main/java/org/noear/solon/expression/snel/EvaluateParser.java

@@ -172,8 +172,15 @@ private boolean isPropertyStart(ParserState state) {
      * 检查是否是包装表达式起始
      */
     private boolean isExpressionStart(ParserState state) {
-        return (state.getCurrentChar() == parser.MARK_START_EXPRESSION && state.peekNextChar() == parser.MARK_BRACE_OPEN)
-                || state.getCurrentChar() == parser.MARK_BRACE_OPEN;
+        int cur = state.getCurrentChar();
+        int next = state.peekNextChar();
+
+        // 只有明确看到 #{ 或 { 才认为是包装表达式的开始
+        if (cur == parser.MARK_START_EXPRESSION) {
+            return next == parser.MARK_BRACE_OPEN;
+        }
+
+        return cur == parser.MARK_BRACE_OPEN;
     }
 
     /**
@@ -360,7 +367,12 @@ private Expression parsePrimaryExpression(ParserState state) {
             expr = new ConstantNode(null);
         } else {
             String identifier = parseIdentifier(state);
-            expr = new VariableNode(identifier);
+
+            if(identifier != null && identifier.length() > 0) {
+                expr = new VariableNode(identifier);
+            } else {
+                throw state.error("Expression is invalid");
+            }
         }
 
         return parsePostfix(state, expr);
@@ -740,6 +752,11 @@ public int peekNextChar() {
             }
         }
 
+        public CompilationException error(String message) {
+            String charDesc = (ch == -1) ? "EOF" : "'" + (char) ch + "'";
+            return new CompilationException(message + " (found " + charDesc + ") at position " + position);
+        }
+
         /**
          * 跳过空白字符
          */