From dc0c87fb0c90bec2eacef1bab14fbce9d1009f5f Mon Sep 17 00:00:00 2001
From: ahuo <ahuo2865189826@gmail.com>
Date: Thu, 11 Sep 2025 08:03:07 +0000
Subject: [PATCH] fix: validate __type field before accessing in fromJson

---
 src/json_export.cpp | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/json_export.cpp b/src/json_export.cpp
index 2ad648f3e..b716a94ea 100644
--- a/src/json_export.cpp
+++ b/src/json_export.cpp
@@ -112,9 +112,20 @@ JsonExporter::ExpectedEntry JsonExporter::fromJson(const nlohmann::json& source)
     }
   }
 
-  if(!source.contains("__type") && !source.is_array())
+  if(source.is_array())
   {
-    return nonstd::make_unexpected("Missing field '__type'");
+    if(source.empty())
+      return nonstd::make_unexpected("Missing field '__type'");
+    const auto& first = source[0];
+    if(!first.is_object() || !first.contains("__type"))
+      return nonstd::make_unexpected("Missing field '__type'");
+    if(!first["__type"].is_string())
+      return nonstd::make_unexpected("Invalid '__type' (must be string)");
+  }
+  else
+  {
+    if(!source.is_object() || !source.contains("__type") || !source["__type"].is_string())
+      return nonstd::make_unexpected("Missing field '__type'");
   }
 
   auto& from_converters =