(iotdb) branch codex/jdbc-driver-info updated: Validate JDBC URL query parameters

Mon, 08 Jun 2026 02:29:09 -0700 

This is an automated email from the ASF dual-hosted git repository.

Caideyipi pushed a commit to branch codex/jdbc-driver-info
in repository https://gitbox.apache.org/repos/asf/iotdb.git


The following commit(s) were added to refs/heads/codex/jdbc-driver-info by this 
push:
     new 11be88c5f87 Validate JDBC URL query parameters
11be88c5f87 is described below

commit 11be88c5f87f43c6a9750b014097c5c538bf4d53
Author: Caideyipi <[email protected]>
AuthorDate: Mon Jun 8 17:28:26 2026 +0800

    Validate JDBC URL query parameters
---
 .../src/main/java/org/apache/iotdb/jdbc/Utils.java | 34 ++++++++++++++++++++--
 .../test/java/org/apache/iotdb/jdbc/UtilsTest.java | 25 ++++++++++++++++
 2 files changed, 56 insertions(+), 3 deletions(-)

diff --git a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/Utils.java 
b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/Utils.java
index 0717430cdd3..89fa1171901 100644
--- a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/Utils.java
+++ b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/Utils.java
@@ -162,7 +162,7 @@ public class Utils {
       return true;
     }
     String paramURL = subURL.substring(subURL.indexOf('?') + 1);
-    String[] params = paramURL.split("&");
+    String[] params = paramURL.split("&", -1);
     for (String tmpParam : params) {
       int separatorIndex = tmpParam.indexOf('=');
       if (separatorIndex <= 0 || separatorIndex == tmpParam.length() - 1) {
@@ -172,18 +172,42 @@ public class Utils {
       String value = tmpParam.substring(separatorIndex + 1);
       switch (key) {
         case RPC_COMPRESS:
-          if ("true".equalsIgnoreCase(value) || 
"false".equalsIgnoreCase(value)) {
+          if (isBoolean(value)) {
             Config.rpcThriftCompressionEnable = Boolean.parseBoolean(value);
           } else {
             return false;
           }
           break;
-        case Config.USE_SSL:
         case Config.TRUST_STORE:
         case Config.TRUST_STORE_PWD:
+          info.put(key, value);
+          break;
+        case Config.USE_SSL:
+          if (!isBoolean(value)) {
+            return false;
+          }
+          info.put(key, value);
+          break;
         case Config.VERSION:
+          try {
+            Constant.Version.valueOf(value);
+          } catch (IllegalArgumentException e) {
+            return false;
+          }
+          info.put(key, value);
+          break;
         case Config.NETWORK_TIMEOUT:
+          try {
+            Integer.parseInt(value);
+          } catch (NumberFormatException e) {
+            return false;
+          }
+          info.put(key, value);
+          break;
         case Config.SQL_DIALECT:
+          if (!Constant.TREE.equals(value) && !Constant.TABLE.equals(value)) {
+            return false;
+          }
           info.put(key, value);
           break;
         case Config.TIME_ZONE:
@@ -210,5 +234,9 @@ public class Utils {
     return true;
   }
 
+  private static boolean isBoolean(String value) {
+    return "true".equalsIgnoreCase(value) || "false".equalsIgnoreCase(value);
+  }
+
   private Utils() {}
 }
diff --git 
a/iotdb-client/jdbc/src/test/java/org/apache/iotdb/jdbc/UtilsTest.java 
b/iotdb-client/jdbc/src/test/java/org/apache/iotdb/jdbc/UtilsTest.java
index 1be8c236dfb..e8241dd6aa2 100644
--- a/iotdb-client/jdbc/src/test/java/org/apache/iotdb/jdbc/UtilsTest.java
+++ b/iotdb-client/jdbc/src/test/java/org/apache/iotdb/jdbc/UtilsTest.java
@@ -188,4 +188,29 @@ public class UtilsTest {
   public void testParseUrlParamRejectsEmptyValue() throws IoTDBURLException {
     Utils.parseUrl("jdbc:iotdb://127.0.0.1:6667?use_ssl=", new Properties());
   }
+
+  @Test(expected = IoTDBURLException.class)
+  public void testParseUrlParamRejectsTrailingSeparator() throws 
IoTDBURLException {
+    Utils.parseUrl("jdbc:iotdb://127.0.0.1:6667?use_ssl=true&", new 
Properties());
+  }
+
+  @Test(expected = IoTDBURLException.class)
+  public void testParseUrlParamRejectsInvalidBooleanValue() throws 
IoTDBURLException {
+    Utils.parseUrl("jdbc:iotdb://127.0.0.1:6667?use_ssl=abc", new 
Properties());
+  }
+
+  @Test(expected = IoTDBURLException.class)
+  public void testParseUrlParamRejectsInvalidVersionValue() throws 
IoTDBURLException {
+    Utils.parseUrl("jdbc:iotdb://127.0.0.1:6667?version=bad", new 
Properties());
+  }
+
+  @Test(expected = IoTDBURLException.class)
+  public void testParseUrlParamRejectsInvalidNetworkTimeoutValue() throws 
IoTDBURLException {
+    Utils.parseUrl("jdbc:iotdb://127.0.0.1:6667?network_timeout=bad", new 
Properties());
+  }
+
+  @Test(expected = IoTDBURLException.class)
+  public void testParseUrlParamRejectsInvalidSqlDialectValue() throws 
IoTDBURLException {
+    Utils.parseUrl("jdbc:iotdb://127.0.0.1:6667?sql_dialect=bad", new 
Properties());
+  }
 }

Reply via email to