druid PostgreSQL 中 对 “CREATE TYPE ” 解析报错

bd1hkmkf  于 5个月前  发布在  Druid
关注(0)|答案(1)|浏览(61)

druid 1.1.10

java.sql.SQLException: sql injection violation, syntax error: TODO TYPE :    CREATE TYPE CACHE_COMMON_TYPE_ENUM_ AS ENUM('EHCACHE', 'REDIS', 'NONE')
	at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:798)
	at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:780)
	at com.alibaba.druid.wall.WallFilter.statement_executeUpdate(WallFilter.java:542)
	at com.alibaba.druid.filter.FilterChainImpl.statement_executeUpdate(FilterChainImpl.java:2844)
	at com.alibaba.druid.filter.FilterAdapter.statement_executeUpdate(FilterAdapter.java:2508)
	at com.alibaba.druid.filter.FilterEventAdapter.statement_executeUpdate(FilterEventAdapter.java:327)
	at com.alibaba.druid.filter.FilterChainImpl.statement_executeUpdate(FilterChainImpl.java:2844)
	at com.alibaba.druid.filter.FilterAdapter.statement_executeUpdate(FilterAdapter.java:2508)
	at com.alibaba.druid.filter.FilterChainImpl.statement_executeUpdate(FilterChainImpl.java:2844)
	at com.alibaba.druid.proxy.jdbc.StatementProxyImpl.executeUpdate(StatementProxyImpl.java:235)
	at com.alibaba.druid.pool.DruidPooledStatement.executeUpdate(DruidPooledStatement.java:319)
	at com.weaver.emobile.core.config.DatabaseUpgradeConfig.init(DatabaseUpgradeConfig.java:275)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleElement.invoke(InitDestroyAnnotationBeanPostProcessor.java:363)
	at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleMetadata.invokeInitMethods(InitDestroyAnnotationBeanPostProcessor.java:307)
	at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:136)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:419)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1737)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:576)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:846)
	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:863)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:546)
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:140)
	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775)
	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:316)
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260)
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248)
	at com.weaver.emobile.WebApplication.main(WebApplication.java:35)
Caused by: com.alibaba.druid.sql.parser.ParserException: TODO TYPE
	at com.alibaba.druid.sql.parser.SQLStatementParser.parseCreate(SQLStatementParser.java:2142)
	at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:161)
	at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:83)
	at com.alibaba.druid.wall.WallProvider.checkInternal(WallProvider.java:624)
	at com.alibaba.druid.wall.WallProvider.check(WallProvider.java:578)
	at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:785)
	... 36 common frames omitted
bvuwiixz

bvuwiixz1#

我用下面代码处理,仅供参考

private def stripUnsurpported(sql: String): String =
    sql
      .replaceAll("\\b(DEFAULT|default)\\b.+?(?=,|\\n|not|NOT)", "")
      .replaceAll("CREATE SCHEMA.+?;", "")
      .replaceAll("CREATE SEQUENCE(.|\\n)+?;", "")
      .replaceAll("CREATE TYPE(.|\\n)+?;", "")
      .replaceAll("NOT DEFERRABLE", "")
      .replaceAll("INITIALLY IMMEDIATE", "")
      .replaceAll("CREATE (UNIQUE)? INDEX(.|\\n)+?;", "")
  private def extractEnums(sql: String): List[TyEnum] = {
    new Regex("(CREATE|create)\\s+(TYPE|type)\\s+(.+)\\s+(AS|as)\\s+(ENUM|enum)\\s*\\((.+?)\\);")
      .findAllMatchIn(sql)
      .map(m => m.group(3) -> m.group(6))
      .map { (k, v) =>
        k -> v
          .split(",")
          .map(StringUtils.strip(_, " '"))
          .map(variantName => TyVariant(List(variantName), None, Some(variantName)))
      }
      .map {
        case (s"$schema.$name", v) =>
          TyEnum(v.toList, None, Some(name), Some(TyStringImpl()), Some(schema))
        case (enumName, v) =>
          TyEnum(v.toList, None, Some(enumName), Some(TyStringImpl()))

      }
      .toList
  }

相关问题