🔒 SQL injection security vulnerabilities #13077 #13057

siyuan-note · Nov 7, 2024 · 06c3977 · 06c3977
1 parent ed33718
commit 06c3977
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/kernel/model/history.go b/kernel/model/history.go
@@ -448,6 +448,13 @@ func FullTextSearchHistoryItems(created, query, box, op string, typ int) (ret []
 	table := "histories_fts_case_insensitive"
 	stmt := "SELECT * FROM " + table + " WHERE "
 	stmt += buildSearchHistoryQueryFilter(query, op, box, table, typ)
+
+	_, parseErr := strconv.Atoi(created)
+	if nil != parseErr {
+		ret = []*HistoryItem{}
+		return
+	}
+
 	stmt += " AND created = '" + created + "' ORDER BY created DESC LIMIT " + fmt.Sprintf("%d", fileHistoryPageSize)
 	sqlHistories := sql.SelectHistoriesRawStmt(stmt)
 	ret = fromSQLHistories(sqlHistories)