From d36caf8c696a84edc7e4204c7dc9c4d3f91a9534 Mon Sep 17 00:00:00 2001
From: zhangdaiscott
Date: Wed, 16 Aug 2023 09:40:40 +0800
Subject: [PATCH] =?UTF-8?q?SQL=E6=B3=A8=E5=85=A5=20#5173?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../system/security/DictQueryBlackListHandler.java | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/security/DictQueryBlackListHandler.java b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/security/DictQueryBlackListHandler.java
index 94e099e0..eb2206bb 100644
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/security/DictQueryBlackListHandler.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/security/DictQueryBlackListHandler.java
@@ -64,14 +64,15 @@ public class DictQueryBlackListHandler extends AbstractQueryBlackListHandler {
 */
 private String getTableName(String str) {
 String[] arr = str.split("\\s+(?i)where\\s+");
- String tableName = arr[0];
+ String tableName = arr[0].trim();
 //【20230814】解决使用参数tableName=sys_user t&复测,漏洞仍然存在
- if (tableName.contains(" ")) {
- tableName = tableName.substring(0, tableName.indexOf(" "));
- }
 if (tableName.contains(".")) {
- tableName = tableName.substring(tableName.indexOf(".")+1, tableName.length());
+ tableName = tableName.substring(tableName.indexOf(".")+1, tableName.length()).trim();
 }
+ if (tableName.contains(" ")) {
+ tableName = tableName.substring(0, tableName.indexOf(" ")).trim();
+ }
+
 //【issues/4393】 sys_user , (sys_user), sys_user%20, %60sys_user%60
 String reg = "\\s+|\\(|\\)|`";
 return tableName.replaceAll(reg, "");
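Review bot: The alias-stripping block added in this hunk, `if (tableName.contains(" "))`, only recognises a literal space, so a table name followed by a tab or newline (e.g. `sys_user<TAB>t`, which a URL-encoded `%09` could presumably deliver) passes through it untouched, and the final `replaceAll("\\s+|\\(|\\)|`", "")` then glues the alias onto the name, returning `sys_usert` instead of `sys_user`; if the caller compares that return value against the blacklist, this is a bypass of the same shape the commit is fixing. Taking the first whitespace-delimited token closes that gap: replace the three-line `contains(" ")` block with `tableName = tableName.split("\\s+", 2)[0];`. More broadly, a denylist over a hand-parsed table name stays fragile against forms this method never models (SQL comments, quoted identifiers, subqueries), so rejecting any extracted name that does not match `^[A-Za-z0-9_]+$`, or checking it against an allowlist of dictionary tables, would be the sturdier control. The closing brace of getTableName lies outside the hunk.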