add jdbc example

yaklang · Jul 1, 2024 · 6457e18 · 6457e18
1 parent ebca570
commit 6457e18
Show file tree

Hide file tree

Showing 5 changed files with 88 additions and 0 deletions.
diff --git a/.github/workflows/essential-for-syntaxflow.yaml b/.github/workflows/essential-for-syntaxflow.yaml
diff --git a/java-jdbc/java-jdbc-execute.sf b/java-jdbc/java-jdbc-execute.sf
@@ -0,0 +1,11 @@
+desc(
+    title: "JDBC getConnection.createStatement.executeQuery SQL",
+    title_zh: "JDBC getConnection.createStatement.executeQuery SQL 执行语句",
+    is_vuln: "false",
+)
+
+DriverManager.getConnection().createStatement() as $stmt;
+$stmt?{!.set*()} as $checkedStmt;
+$checkedStmt.executeQuery() as $sink;
+
+check $sink;
diff --git a/java-jdbc/java-jdbc-prepare-stmt.sf b/java-jdbc/java-jdbc-prepare-stmt.sf
@@ -0,0 +1,11 @@
+desc(
+    title: "JDBC getConnection.prepareStatement.executeQuery SQL",
+    title_zh: "JDBC getConnection.prepareStatement.executeQuery SQL 执行语句",
+    is_vuln: "false",
+)
+
+DriverManager.getConnection() as $conn;
+$conn.prepareStatement() as $stmt;
+$stmt.executeQuery() as $sink;
+
+// check $sink then "Prepared Statement SQL ExecuteQuery" then "Not Found Prepare Statement SQL ExecuteQuery";
diff --git a/java-jdbc/sample/JDBCDemo1.java b/java-jdbc/sample/JDBCDemo1.java
@@ -0,0 +1,35 @@
+import java.sql.*;
+
+public class JdbcExample {
+    public static void main(String[] args) {
+        String url = "jdbc:mysql://localhost:3306/exampledb";
+        String username = "root";
+        String password = "password";
+
+        try {
+            // 加载和注册 JDBC 驱动
+            Class.forName("com.mysql.cj.jdbc.Driver");
+
+            // 建立连接
+            Connection conn = DriverManager.getConnection(url, username, password);
+
+            // 创建 Statement
+            Statement stmt = conn.createStatement();
+
+            // 执行查询
+            ResultSet rs = stmt.executeQuery("SELECT * FROM users");
+
+            // 处理 ResultSet
+            while (rs.next()) {
+                System.out.println(rs.getString("username"));
+            }
+
+            // 关闭连接
+            rs.close();
+            stmt.close();
+            conn.close();
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+}
diff --git a/java-jdbc/sample/JDBCDemo_PrepareStatement.java b/java-jdbc/sample/JDBCDemo_PrepareStatement.java
@@ -0,0 +1,31 @@
+import java.sql.*;
+
+public class PreparedStatementExample {
+    public static void main(String[] args) {
+        String url = "jdbc:mysql://localhost:3306/exampledb";
+        String username = "root";
+        String password = "password";
+        String userId = "1"; // 假设这是用户输入
+
+        try {
+            Connection conn = DriverManager.getConnection(url, username, password);
+
+            // 使用 PreparedStatement
+            String sql = "SELECT * FROM users WHERE id = ?";
+            PreparedStatement pstmt = conn.prepareStatement(sql);
+            pstmt.setString(1, userId);  // 设置占位符的值
+
+            ResultSet rs = pstmt.executeQuery();
+
+            while (rs.next()) {
+                System.out.println(rs.getString("username"));
+            }
+
+            rs.close();
+            pstmt.close();
+            conn.close();
+        } catch (SQLException e) {
+            e.printStackTrace();
+        }
+    }
+}