From 12ad80d539b4bf27aee4121d8d717eca92d4490e Mon Sep 17 00:00:00 2001
From: zhangdaiscott <zhangdaiscott@163.com>
Date: Fri, 25 Jun 2021 15:32:24 +0800
Subject: [PATCH] 表字典接口存在SQL注入漏洞,增加签名拦截器 自定义组件验签失败 issues/I3XNK1

---
 jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java b/jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java
index 5a56339..d90d3a0 100644
--- a/jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java
+++ b/jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java
@@ -1,10 +1,5 @@
 package org.jeecg.config.sign.util;
 
-import com.alibaba.fastjson.JSONObject;
-import org.jeecg.common.util.oConvertUtils;
-import org.springframework.http.HttpMethod;
-
-import javax.servlet.http.HttpServletRequest;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
@@ -15,12 +10,21 @@ import java.util.Map;
 import java.util.SortedMap;
 import java.util.TreeMap;
 
+import javax.servlet.http.HttpServletRequest;
+
+import lombok.extern.slf4j.Slf4j;
+import org.jeecg.common.util.oConvertUtils;
+import org.springframework.http.HttpMethod;
+
+import com.alibaba.fastjson.JSONObject;
+
 /**
  * http 工具类 获取请求中的参数
  *
  * @author jeecg
  * @date 20210621
  */
+@Slf4j
 public class HttpUtils {
 
     /**
@@ -36,7 +40,10 @@ public class HttpUtils {
         // 获取URL上最后带逗号的参数变量 sys/dict/getDictItems/sys_user,realname,username
         String pathVariable = request.getRequestURI().substring(request.getRequestURI().lastIndexOf("/") + 1);
         if (pathVariable.contains(",")) {
-            result.put(SignUtil.xPathVariable, pathVariable);
+            log.info(" pathVariable: {}",pathVariable);
+            String deString = URLDecoder.decode(pathVariable, "UTF-8");
+            log.info(" pathVariable decode: {}",deString);
+            result.put(SignUtil.xPathVariable, deString);
         }
         // 获取URL上的参数
         Map<String, String> urlParams = getUrlParams(request);
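Review bot: The `contains(",")` guard on the line above the change is still evaluated on the undecoded `getRequestURI()` value (the servlet container does not decode it), so a path segment whose comma is sent as `%2C` is never added to the signed parameters even though the decoded value is what the handler receives; decode first and then test: `String deString = URLDecoder.decode(pathVariable, "UTF-8"); if (deString.contains(",")) { result.put(SignUtil.xPathVariable, deString); }`. Note also that `URLDecoder` is a form decoder and turns `+` into a space, while a servlet path segment keeps `+` literal, so a segment containing `+` will be signed over a different string than the one the controller sees; a path-segment decoder would be the safer choice if one is available to this module. The two `log.info` calls emit attacker-controlled URI text on every request at INFO, and the decoded text may contain CR/LF, so drop them to `log.debug` and consider logging only the decoded form. The enclosing method's signature is outside the hunk, so I cannot confirm it declares the checked `UnsupportedEncodingException` that `decode(String, String)` throws.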
@@ -71,7 +78,10 @@ public class HttpUtils {
         // 获取URL上最后带逗号的参数变量 sys/dict/getDictItems/sys_user,realname,username
         String pathVariable = url.substring(url.lastIndexOf("/") + 1);
         if (pathVariable.contains(",")) {
-            result.put(SignUtil.xPathVariable, pathVariable);
+            log.info(" pathVariable: {}",pathVariable);
+            String deString = URLDecoder.decode(pathVariable, "UTF-8");
+            log.info(" pathVariable decode: {}",deString);
+            result.put(SignUtil.xPathVariable, deString);
         }
         // 获取URL上的参数
         Map<String, String> urlParams = getUrlParams(queryString);
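Review bot: This second copy of the decode-and-put sequence is byte-for-byte the same as the one in the `HttpServletRequest` overload, and both check `contains(",")` on the still-encoded segment before decoding, so any correction must be made twice; extract one private helper that decodes first, then checks for the comma, and call it from both overloads. Whether `url` arrives raw or already decoded is not visible here (the other overload reads `getRequestURI()`, which is undecoded); if a caller passes an already-decoded URL, this is a second decode and a literal `%xx` in the value would no longer match what the handler received, so a comment at the method head stating which form is expected would help. The enclosing method's signature is outside the hunk, so the helper below is declared with the same checked exception the existing `decode(String, "UTF-8")` call already requires. The INFO logging of raw and decoded values belongs at DEBUG, as it is user-controlled text written on every signed request.
```java
String pathVariable = url.substring(url.lastIndexOf("/") + 1);
putPathVariableIfPresent(result, pathVariable);
// … unchanged: getUrlParams(queryString) and the rest of the method …

/**
 * Decodes a trailing path segment and records it under SignUtil.xPathVariable
 * when the decoded form is a comma-separated list; the comma test runs on the
 * decoded value so an encoded comma (%2C) is still covered by the signature.
 */
private static void putPathVariableIfPresent(Map<String, String> result, String rawSegment)
        throws UnsupportedEncodingException {
    String decoded = URLDecoder.decode(rawSegment, "UTF-8");
    if (decoded.contains(",")) {
        log.debug("pathVariable raw={} decoded={}", rawSegment, decoded);
        result.put(SignUtil.xPathVariable, decoded);
    }
}
```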
--
libgit2 0.22.2