From 4c8c7849f2bc703c5a248bbe747b49c361285f39 Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Fri, 21 Apr 2023 10:41:20 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=8F=AA=E6=9C=89=E4=B8=80?=
 =?UTF-8?q?=E4=B8=AA=E6=B3=9B=E5=9F=9F=E5=90=8D=E6=97=B6=E6=97=A0=E6=B3=95?=
 =?UTF-8?q?=E6=9F=A5=E8=AF=A2=E5=8C=B9=E9=85=8D=E8=AF=81=E4=B9=A6=E7=9A=84?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/db/models/ssl_cert_dao.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/internal/db/models/ssl_cert_dao.go b/internal/db/models/ssl_cert_dao.go
index 2e51c41f..ea8e8efa 100644
--- a/internal/db/models/ssl_cert_dao.go
+++ b/internal/db/models/ssl_cert_dao.go
@@ -684,7 +684,7 @@ func (this *SSLCertDAO) buildDomainSearchingQuery(query *dbs.Query, domains []st
 	for _, domain := range domains {
 		domainMap[domain] = true
 	}
-	var reg = regexp.MustCompile(`^[\w.-]+$`) // 为了下面的SQL语句安全先不支持其他字符
+	var reg = regexp.MustCompile(`^[\w*.-]+$`) // 为了下面的SQL语句安全先不支持其他字符
 	for domain := range domainMap {
 		if !reg.MatchString(domain) {
 			continue
@@ -729,7 +729,9 @@ func (this *SSLCertDAO) buildDomainSearchingQuery(query *dbs.Query, domains []st
 
 		sqlPieces = append(sqlPieces, "JSON_CONTAINS(dnsNames, '"+string(domainJSON)+"')")
 	}
-	query.Where("(" + strings.Join(sqlPieces, " OR ") + ")")
+	if len(sqlPieces) > 0 {
+		query.Where("(" + strings.Join(sqlPieces, " OR ") + ")")
+	}
 
 	return nil
 }