search

alibaba / druid

阿里云计算平台DataWorks(https://help.aliyun.com/document_detail/137663.html) 团队出品,为监控而生的数据库连接池
https://github.com/alibaba/druid/wiki
Apache License 2.0
27.9k stars 8.57k forks source link

sql injection violation--版本是1.1.10 #3307

Open braveboo opened 5 years ago

braveboo commented 5 years ago

java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'BEGIN;', expect END, actual EOF pos 6, line 1, column 7, token EOF : BEGIN; at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:798) at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:780) at com.alibaba.druid.wall.WallFilter.statement_execute(WallFilter.java:413) at com.alibaba.druid.filter.FilterChainImpl.statement_execute(FilterChainImpl.java:2956) at com.alibaba.druid.proxy.jdbc.StatementProxyImpl.execute(StatementProxyImpl.java:147) at com.alibaba.druid.pool.DruidPooledStatement.execute(DruidPooledStatement.java:619) at com.didi.scinvoice.common.SmartDataSourceTransactionManager.doBegin(SmartDataSourceTransactionManager.java:32) at org.springframework.transaction.support.AbstractPlatformTransactionManager.getTransaction(AbstractPlatformTransactionManager.java:373) at org.springframework.transaction.interceptor.TransactionAspectSupport.createTransactionIfNecessary(TransactionAspectSupport.java:427) at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:276) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:655) at com.didi.scinvoice.adaptor.impl.InvoiceApplicationAdaptorImpl$$EnhancerBySpringCGLIB$$ff45f684.updateStatus() at com.didi.scinvoice.service.impl.ElectricApplyPushServiceImpl.pushEInvoiceV2(ElectricApplyPushServiceImpl.java:106) at com.didi.scinvoice.service.impl.ElectricApplyPushServiceImpl.access$000(ElectricApplyPushServiceImpl.java:40) at com.didi.scinvoice.service.impl.ElectricApplyPushServiceImpl$1.call(ElectricApplyPushServiceImpl.java:86) at com.didi.scinvoice.service.impl.ElectricApplyPushServiceImpl$1.call(ElectricApplyPushServiceImpl.java:75) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: com.alibaba.druid.sql.parser.ParserException: syntax error, error in :'BEGIN;', expect END, actual EOF pos 6, line 1, column 7, token EOF

yili001 commented 3 years ago

我也是一样,一执行到BEGIN这里就会报这个错