3 files changed, 14 insertions, 6 deletions
diff --git a/juick-server-jdbc/src/main/java/com/juick/service/SphinxSearchService.java b/juick-server-jdbc/src/main/java/com/juick/service/SphinxSearchService.java
index d8330908..7de0680e 100644
--- a/juick-server-jdbc/src/main/java/com/juick/service/SphinxSearchService.java
+++ b/juick-server-jdbc/src/main/java/com/juick/service/SphinxSearchService.java
@@ -52,8 +52,9 @@ public class SphinxSearchService extends BaseJdbcService implements SearchServic
 
         }
         return getJdbcTemplate().queryForList(
-                "SELECT id FROM search WHERE query = '?;?'", Integer.class, searchString,
-                sphinxQuery.keySet().stream().map(Object::toString).collect(Collectors.joining(";")));
+                String.format("SELECT id FROM search WHERE query = '%s;%s'", searchString,
+                        sphinxQuery.keySet().stream().map(Object::toString)
+                                .collect(Collectors.joining(";"))), Integer.class);
     }
 
     @Override
@@ -69,9 +70,9 @@ public class SphinxSearchService extends BaseJdbcService implements SearchServic
             sphinxQuery.put("maxid", String.valueOf(messageIdBefore - 1));
         }
         return getJdbcTemplate().queryForList(
-                "SELECT id FROM search WHERE query = '?;filter=user_id,?;?'",
-                Integer.class, searchString, userId,
-                sphinxQuery.keySet().stream().map(Object::toString).collect(Collectors.joining(";")));
+                String.format("SELECT id FROM search WHERE query = '%s;%s;filter=user_id,%d'", searchString,
+                        sphinxQuery.keySet().stream().map(Object::toString)
+                                .collect(Collectors.joining(";")), userId), Integer.class);
     }
 
     @Override
diff --git a/juick-www/src/main/java/com/juick/www/Utils.java b/juick-www/src/main/java/com/juick/www/Utils.java
index 8ab277db..3b1932d0 100644
--- a/juick-www/src/main/java/com/juick/www/Utils.java
+++ b/juick-www/src/main/java/com/juick/www/Utils.java
@@ -27,7 +27,8 @@ public class Utils {
 
 
     public static String encodeSphinx(String str) {
-        return str.replaceAll("@", "\\\\@");
+        return str.replaceAll("@", "\\\\@")
+                .replaceAll("\\'", "\\\\'");
     }
 
     /**
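Review bot: `String.format("SELECT id FROM search WHERE query = '%s;%s'", searchString, …)` splices the caller-supplied search string into the SQL text, so a quote in it changes the statement; the second hunk of this file (`'%s;%s;filter=user_id,%d'`) has the same problem. The old placeholders failed because JDBC does not bind `?` inside a quoted literal, but the fix is to move the placeholder out of the quotes and build the column value in Java rather than in the SQL: `"SELECT id FROM search WHERE query = ?", Integer.class,` followed by `searchString + ";" + sphinxQuery.keySet().stream().map(Object::toString).collect(Collectors.joining(";"))` (and `+ ";filter=user_id," + userId` in the second method). Relying on `Utils.encodeSphinx` in juick-www leaves every other caller of this service unprotected. Binding does not stop a `;` inside the search string from adding further SphinxSE options to the value, so whether a later option can override `filter=user_id` is worth confirming on the Sphinx side. Both enclosing methods start outside the hunk.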
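Review bot: The added `.replaceAll("\\'", "\\\\'")` escapes the quote but not the backslash, so an input that already holds `\` ahead of a quote comes out as `\\'`, which a MySQL-style parser reads as a literal backslash followed by an unescaped quote. If this helper stays as the defence, backslashes have to be doubled first and the literal `String.replace` avoids the regex double-escaping of the current calls: `return str.replace("\\", "\\\\")` then `.replace("@", "\\@")` then `.replace("'", "\\'");`. The safer place for quote handling is a bound parameter in SphinxSearchService, which would leave this method responsible only for Sphinx's own `@` field syntax. A Javadoc line such as `/** Escapes Sphinx field syntax and quote characters in {@code str} for use inside a SphinxSE query value. */` would tell the next caller what the result is safe for.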
diff --git a/juick-www/src/test/java/com/juick/WebAppTests.java b/juick-www/src/test/java/com/juick/WebAppTests.java
index e74b694e..74be2c92 100644
--- a/juick-www/src/test/java/com/juick/WebAppTests.java
+++ b/juick-www/src/test/java/com/juick/WebAppTests.java
@@ -25,6 +25,7 @@ import com.gargoylesoftware.htmlunit.html.DomElement;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import com.juick.service.*;
 import com.juick.util.MessageUtils;
+import com.juick.www.Utils;
 import com.juick.www.WebApp;
 import com.mitchellbosecke.pebble.PebbleEngine;
 import com.mitchellbosecke.pebble.error.PebbleException;
@@ -414,4 +415,9 @@ public class WebAppTests {
         HtmlPage unreadThread = webClient.getPage(String.format("http://localhost:8080/ugnich/%d", mid));
         assertThat(unreadThread.querySelectorAll("#global a .badge").size(), is(0));
     }
+    @Test
+    public void escapeSqlTests() {
+        String sql = String.format("SELECT * FROM table WHERE data='%s'", Utils.encodeSphinx("';-- DROP TABLE table"));
+        assertThat(sql, is("SELECT * FROM table WHERE data='\\';-- DROP TABLE table\'"));
+    }
 }
|
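Review bot: `escapeSqlTests` covers only the single-quote case, so it passes even though a backslash ahead of the quote is not handled by `encodeSphinx`; a second assertion such as `assertThat(Utils.encodeSphinx("\\'"), is("\\\\\\'"));` (the expected value once backslashes are doubled as well) would pin that gap. The test also builds the statement with `String.format` by hand rather than going through `SphinxSearchService`, so it exercises the escaper and not the query path that consumes the string. Since nothing here touches SQL, a name like `encodeSphinxEscapesQuotes` would say what is actually checked. The enclosing `WebAppTests` class continues outside the hunk.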