github
/
jeecg-boot
mirror of https://github.com/jeecgboot/jeecg-boot
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

SQL注入 #5173

pull/5216/merge
zhangdaiscott 2023-08-16 09:40:40 +08:00
parent e6bd2d5009
commit d36caf8c69
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/security/DictQueryBlackListHandler.java
View File

@ -64,14 +64,15 @@ public class DictQueryBlackListHandler extends AbstractQueryBlackListHandler {
*/ */
private String getTableName(String str) { private String getTableName(String str) {
String[] arr = str.split("\\s+(?i)where\\s+"); String[] arr = str.split("\\s+(?i)where\\s+");
String tableName = arr[0]; String tableName = arr[0].trim();
//【20230814】解决使用参数tableName=sys_user t&复测,漏洞仍然存在 //【20230814】解决使用参数tableName=sys_user t&复测,漏洞仍然存在
if (tableName.contains(" ")) {
tableName = tableName.substring(0, tableName.indexOf(" "));
}
if (tableName.contains(".")) { if (tableName.contains(".")) {
tableName = tableName.substring(tableName.indexOf(".")+1, tableName.length()); tableName = tableName.substring(tableName.indexOf(".")+1, tableName.length()).trim();
} }
if (tableName.contains(" ")) {
tableName = tableName.substring(0, tableName.indexOf(" ")).trim();
}
//【issues/4393】 sys_user , (sys_user), sys_user%20, %60sys_user%60 //【issues/4393】 sys_user , (sys_user), sys_user%20, %60sys_user%60
String reg = "\\s+|\\(|\\)|`"; String reg = "\\s+|\\(|\\)|`";
return tableName.replaceAll(reg, ""); return tableName.replaceAll(reg, "");