From 524ad4e6ddc04f2f0cfacb33f42c2f022629bbbb Mon Sep 17 00:00:00 2001
From: abbfun <819589789@qq.com>
Date: 星期一, 23 五月 2022 15:36:18 +0800
Subject: [PATCH] fastjson 版本升级 fastjson <= 1.2.80 存在反序列化任意代码执行漏洞

---
 ruoyi-ui/src/utils/ruoyi.js |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)

diff --git a/ruoyi-ui/src/utils/ruoyi.js b/ruoyi-ui/src/utils/ruoyi.js
index 8e3cb0c..7e6eccd 100644
--- a/ruoyi-ui/src/utils/ruoyi.js
+++ b/ruoyi-ui/src/utils/ruoyi.js
@@ -70,6 +70,9 @@
 
 // 回显数据字典 
 export function selectDictLabel(datas, value) {
+  if (value === undefined) {
+    return "";
+  }
   var actions = [];
   Object.keys(datas).some((key) => {
     if (datas[key].value == ('' + value)) {
@@ -77,23 +80,31 @@
       return true;
     }
   })
+  if (actions.length === 0) {
+    actions.push(value);
+  }
   return actions.join('');
 }
 
 // 回显数据字典（字符串数组）
 export function selectDictLabels(datas, value, separator) {
-  if(value === undefined) {
+  if (value === undefined) {
     return "";
   }
   var actions = [];
   var currentSeparator = undefined === separator ? "," : separator;
   var temp = value.split(currentSeparator);
   Object.keys(value.split(currentSeparator)).some((val) => {
+    var match = false;
     Object.keys(datas).some((key) => {
       if (datas[key].value == ('' + temp[val])) {
         actions.push(datas[key].label + currentSeparator);
+        match = true;
       }
     })
+    if (!match) {
+      actions.push(temp[val] + currentSeparator);
+    }
   })
   return actions.join('').substring(0, actions.join('').length - 1);
 }

--
Gitblit v1.9.2