From 524ad4e6ddc04f2f0cfacb33f42c2f022629bbbb Mon Sep 17 00:00:00 2001
From: abbfun <819589789@qq.com>
Date: 星期一, 23 五月 2022 15:36:18 +0800
Subject: [PATCH] fastjson 版本升级 fastjson <= 1.2.80 存在反序列化任意代码执行漏洞

---
 ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java |    9 ++-------
 1 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java
index 515cf0b..165f40a 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java
@@ -562,17 +562,12 @@
         switch (valueStr)
         {
             case "true":
-                return true;
-            case "false":
-                return false;
             case "yes":
-                return true;
             case "ok":
-                return true;
-            case "no":
-                return false;
             case "1":
                 return true;
+            case "false":
+            case "no":
             case "0":
                 return false;
             default:

--
Gitblit v1.9.2