From 6fa3bfe05184e9bcaadf00becee1d30f4abb9b1d Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 五月 2021 17:38:27 +0800
Subject: [PATCH] 修复两处存在SQL注入漏洞问题
---
ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml | 2 +-
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java | 14 ++++++++++++++
2 files changed, 15 insertions(+), 1 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
index a796f84..e988430 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
@@ -66,6 +66,7 @@
@Before("dataScopePointCut()")
public void doBefore(JoinPoint point) throws Throwable
{
+ clearDataScope(point);
handleDataScope(point);
}
@@ -166,4 +167,17 @@
}
return null;
}
+
+ /**
+ * 拼接权限sql前先清空params.dataScope参数防止注入
+ */
+ private void clearDataScope(final JoinPoint joinPoint)
+ {
+ Object params = joinPoint.getArgs()[0];
+ if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
+ {
+ BaseEntity baseEntity = (BaseEntity) params;
+ baseEntity.getParams().put(DATA_SCOPE, "");
+ }
+ }
}
diff --git a/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml b/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
index cdc26f4..3845730 100644
--- a/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
@@ -147,7 +147,7 @@
<if test="updateBy != null and updateBy != ''">update_by = #{updateBy},</if>
update_time = sysdate()
</set>
- where dept_id in (${ancestors})
+ where find_in_set(#{deptId}, ancestors)
</update>
<delete id="deleteDeptById" parameterType="Long">
--
Gitblit v1.9.2