diff --git a/linkis-public-enhancements/linkis-datasource/linkis-metadata-query/service/jdbc/src/main/java/org/apache/linkis/metadata/query/service/db2/SqlConnection.java b/linkis-public-enhancements/linkis-datasource/linkis-metadata-query/service/jdbc/src/main/java/org/apache/linkis/metadata/query/service/db2/SqlConnection.java
index 3f61ac51f5..09201d58d8 100644
--- a/linkis-public-enhancements/linkis-datasource/linkis-metadata-query/service/jdbc/src/main/java/org/apache/linkis/metadata/query/service/db2/SqlConnection.java
+++ b/linkis-public-enhancements/linkis-datasource/linkis-metadata-query/service/jdbc/src/main/java/org/apache/linkis/metadata/query/service/db2/SqlConnection.java
@@ -18,6 +18,7 @@
 package org.apache.linkis.metadata.query.service.db2;
 import org.apache.linkis.common.conf.CommonVars;
+import org.apache.linkis.common.exception.LinkisSecurityException;
 import org.apache.linkis.metadata.query.service.AbstractSqlConnection;
 import org.apache.commons.collections.MapUtils;
@@ -42,6 +43,10 @@ public class SqlConnection extends AbstractSqlConnection {
 private static final CommonVars SQL_CONNECT_URL = CommonVars.apply("wds.linkis.server.mdm.service.db2.url", "jdbc:db2://%s:%s/%s");
+ /** clientRerouteServerListJNDIName */
+ private static final CommonVars DB2_SENSITIVE_PARAMS =
+ CommonVars.apply("linkis.db2.sensitive.params", "clientRerouteServerListJNDIName");
+
 public SqlConnection( String host, Integer port,
@@ -115,6 +120,9 @@ public Connection getDBConnection(ConnectMessage connectMessage, String database
 .collect(Collectors.joining("&"));
 url += "?" + extraParamString;
 }
+ if (url.toLowerCase().contains(DB2_SENSITIVE_PARAMS.getValue().toLowerCase())) {
+ throw new LinkisSecurityException(35000, "Invalid db2 connection params.");
+ }
 return DriverManager.getConnection(url, connectMessage.username, connectMessage.password);
 }
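Review bot: The Javadoc on `DB2_SENSITIVE_PARAMS` only repeats the default value, so it says neither why the property is rejected nor what format the setting expects. A comment such as `/** DB2 JDBC property names that must not appear in the connection URL; the default names the property that, as far as I know, makes the driver look up a reroute server list through JNDI. */` would tell an operator what they are overriding. The key `linkis.db2.sensitive.params` is plural, yet the check added in `getDBConnection` uses the value as one substring, so the comment should state the accepted format explicitly.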
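Review bot: The guard added before `DriverManager.getConnection` treats the configured value as a single substring and lower-cases both sides with the default-locale `toLowerCase()`. On a JVM whose default locale has special casing rules for `I`, the configured name and the URL can lower-case differently, so the match depends on where the service runs; `toLowerCase(Locale.ROOT)` removes that dependency. An operator who sets `linkis.db2.sensitive.params` to a comma-separated list gets a needle that never matches, and an empty value makes `contains("")` true and rejects every connection. The sketch below splits the setting, skips empty entries and compares under `Locale.ROOT`; it needs `java.util.Locale` imported and assumes `getValue()` returns a `String`. The body of `getDBConnection` starts outside this hunk, so whether connection properties can reach the driver by another path is not visible here.

```java
    // … unchanged: extraParamString is appended to url …
    String lowerUrl = url.toLowerCase(Locale.ROOT);
    for (String param : DB2_SENSITIVE_PARAMS.getValue().split(",")) {
      String needle = param.trim().toLowerCase(Locale.ROOT);
      if (!needle.isEmpty() && lowerUrl.contains(needle)) {
        throw new LinkisSecurityException(35000, "Invalid db2 connection params.");
      }
    }
    return DriverManager.getConnection(url, connectMessage.username, connectMessage.password);
```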