Skip to content

A
amos-boot-biz
Commit 32b85432 authored by zhangsen's avatar zhangsen
Browse files
Options

漏洞文件漏洞修改 - 随机数安全性

parent 99007a37
Show whitespace changes
Inline Side-by-side
Showing with 8 additions and 24 deletions
amos-boot-biz-common/src/main/java/com/yeejoin/amos/boot/biz/common/utils/SecureRandomUtil.java
View file @ 32b85432
package com.yeejoin.amos.boot.biz.common.utils;
import java.security.SecureRandom;
import java.util.Random;
public class SecureRandomUtil {
public static int getIntSecureRandom(Integer bound) {
......@@ -17,14 +16,4 @@ public class SecureRandomUtil {
public static int getIntSecureRandom(Integer bound, SecureRandom secureRandom) {
return secureRandom.nextInt(bound);
}
public static void main(String[] args) {
SecureRandom secureRandom = new SecureRandom();
System.out.println((secureRandom.nextDouble() * 9 + 1) * 100000 + "-----");
Random random = new Random();
System.out.println((Math.random() * 9 + 1) * 100000);
System.out.println((int) (secureRandom.nextDouble() * 900 + 100));
}
}
amos-boot-module/amos-boot-module-api/amos-boot-module-equip-api/src/main/java/com/yeejoin/equipmanage/common/utils/RandomUtil.java
View file @ 32b85432
......@@ -5,11 +5,8 @@ import com.yeejoin.amos.boot.biz.common.utils.SecureRandomUtil;
import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Random;
import java.util.concurrent.ThreadLocalRandom;
public class RandomUtil {
private static ThreadLocalRandom threadLocalRandom;
public static String buildOrderNo() {
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
......@@ -33,14 +30,12 @@ public class RandomUtil {
* @Date 2020/12/18 11:49
*/
public static String buildNo(String resourceType, String companyCode) {
threadLocalRandom = ThreadLocalRandom.current();
int num = threadLocalRandom.nextInt(1000, 9999);
return resourceType + companyCode + num;
int intSecureRandom = SecureRandomUtil.getIntSecureRandom(9999 - 1000) + 1000;
return resourceType + companyCode + intSecureRandom;
}
public static String buildNo() {
threadLocalRandom = ThreadLocalRandom.current();
int num = threadLocalRandom.nextInt(1000, 9999);
int num = SecureRandomUtil.getIntSecureRandom(9999 - 1000) + 1000;
return String.valueOf(num);
}
}
amos-boot-module/amos-boot-module-biz/amos-boot-module-equip-biz/src/main/java/com/yeejoin/equipmanage/controller/EquipmentDetailController.java
View file @ 32b85432
......@@ -651,12 +651,12 @@ public class EquipmentDetailController extends AbstractBaseController {
// List<EquipmentDetailDownloadTemplateVO> equipmentDetailDownloadS = ExcelUtils.importExcel(file, 1, 1, EquipmentDetailDownloadTemplateVO.class);
String key="";
String stringUUid="";
try {
UUID uuid = UUID.randomUUID();
key= uuid.toString();
stringUUid = uuid.toString();
ExcelEnums excelEnums = null;
if (!enabled){
if (!enabled) {
excelEnums = ExcelEnums.getByKey(ExcelEnums.XFZBSINGLE.getType());
}else {
excelEnums = ExcelEnums.getByKey(ExcelEnums.XFZB.getType());
......@@ -664,14 +664,14 @@ public class EquipmentDetailController extends AbstractBaseController {
ExcelDto excelDto = new ExcelDto(excelEnums.getFileName(), excelEnums.getSheetName(), excelEnums.getClassUrl(), excelEnums.getType());
// date= excelService.commonUpload(file, excelDto, getSelectedOrgInfo(), getUserInfo());
EquipmentDetailController controllerProxy1 = SpringUtils.getBean(EquipmentDetailController.class);
controllerProxy1.commonUpload(file, excelDto,key, getSelectedOrgInfo(), getUserInfo());
controllerProxy1.commonUpload(file, excelDto, stringUUid, getSelectedOrgInfo(), getUserInfo());
EquipmentDetailController controllerProxy = SpringUtils.getBean(EquipmentDetailController.class);
controllerProxy.refreshAllCount();
} catch (Exception e) {
e.printStackTrace();
throw new BadRequest(e.getMessage());
}
return ResponseHelper.buildResponse(key);
return ResponseHelper.buildResponse(stringUUid);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment