修复sql注入安全隐患感谢@Tom4t0提交漏洞

3 years ago · 7677f2196b
1 changed files with 15 additions and 4 deletions
--- a/server/service/system/sys_api.go
+++ b/server/service/system/sys_api.go
@ -76,11 +76,22 @@ func (apiService *ApiService) GetAPIInfoList(api system.SysApi, info request.Pag
 		db = db.Limit(limit).Offset(offset)
 		if order != "" {
 			var OrderStr string
-			if desc {
-				OrderStr = order + " desc"
-			} else {
-				OrderStr = order
+			// 设置有效排序key 防止sql注入
+			// 感谢 Tom4t0 提交漏洞信息
+			orderMap := make(map[string]bool, 5)
+			orderMap["id"] = true
+			orderMap["path"] = true
+			orderMap["api_group"] = true
+			orderMap["description"] = true
+			orderMap["method"] = true
+			if orderMap[order] {
+				if desc {
+					OrderStr = order + " desc"
+				} else {
+					OrderStr = order
+				}
 			}
+
 			err = db.Order(OrderStr).Find(&apiList).Error
 		} else {
 			err = db.Order("api_group").Find(&apiList).Error