From 80980e74cf9a317a21255376ecab6cbce5308a6a Mon Sep 17 00:00:00 2001
From: liuliaozhong
Date: Fri, 12 May 2023 15:03:53 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20fast=5Ftransfer=5Ffile=20API=20=E5=88=86?= =?UTF-8?q?=E5=8F=91=E6=96=87=E4=BB=B6=EF=BC=8C=E5=A6=82=E6=9E=9C=E6=BA=90?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E4=B8=AD=E7=9A=84=E6=96=87=E4=BB=B6=E5=90=8D?= =?UTF-8?q?=E5=8C=85=E5=90=AB=E7=A9=BA=E6=A0=BC=EF=BC=8C=E4=BC=9A=E6=8A=A5?= =?UTF-8?q?=E9=94=99=20#812?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../job/common/util/FilePathValidateUtil.java | 45 +++++++++++++++++--
 .../common/util/FilePathValidateUtilTest.java | 35 ++++++++++++++-
 2 files changed, 75 insertions(+), 5 deletions(-)
diff --git a/src/backend/commons/common-utils/src/main/java/com/tencent/bk/job/common/util/FilePathValidateUtil.java b/src/backend/commons/common-utils/src/main/java/com/tencent/bk/job/common/util/FilePathValidateUtil.java
index bea83ad478..b0ec6984f4 100644
--- a/src/backend/commons/common-utils/src/main/java/com/tencent/bk/job/common/util/FilePathValidateUtil.java
+++ b/src/backend/commons/common-utils/src/main/java/com/tencent/bk/job/common/util/FilePathValidateUtil.java
@@ -1,5 +1,6 @@
 package com.tencent.bk.job.common.util;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import java.util.regex.Pattern;
@@ -7,17 +8,25 @@ /** * 文件路径合法性校验工具类 */ +@Slf4j public class FilePathValidateUtil { // 传统DOS正则表达式 - private static final String CONVENTIONAL_DOS_PATH_REGEX = "(^[A-Za-z]:\\\\([^\\\\])(([^\\\\/:*?\"<>|])*\\\\?)*)|" + - "(^[A-Za-z]:[\\\\])"; + private static final String CONVENTIONAL_DOS_PATH_REGEX = "(^[A-Za-z]:\\\\([^\\\\])(([^\\\\/:?\"<>|]" + + "|REGEX:(.*))*\\\\?)*)|(^[A-Za-z]:[\\\\])"; + // Linux路径正则表达式 private static final String LINUX_PATH_REGEX = "^/(((../)*|(./)*)|(\\.?[^.].*/{0,1}))+"; + // 内置变量或全局变量正则表达式 + private static final String VARIABLE_REGEX = "(([A-Za-z]:\\\\)|(/)).*\\[[a-zA-Z0-9:/_-]*\\].*" + + "|.*\\$\\{[a-zA-Z_][a-zA-Z0-9_-]*\\}.*"; + // 传统DOS Pattern private static final Pattern CONVENTIONAL_DOS_PATH_PATTERN = Pattern.compile(CONVENTIONAL_DOS_PATH_REGEX); // Linux路径Pattern private static final Pattern LINUX_PATH_PATTERN = Pattern.compile(LINUX_PATH_REGEX); + // 内置变量或全局变量Pattern + private static final Pattern VARIABLE_PATTERN = Pattern.compile(VARIABLE_REGEX); /** * 验证文件系统绝对路径的合法性 @@ -28,11 +37,24 @@ public static boolean validateFileSystemAbsolutePath(String path) { if (StringUtils.isBlank(path)) { return false; } + + // 路径中有合法的内置变量或全局变量通过校验 + if (validateVariable(path)) { + log.warn("The path {} contains legal variables", path); + return true; + } + + boolean result; if (isLinuxAbsolutePath(path)) { - return validateLinuxFileSystemAbsolutePath(path); + result = validateLinuxFileSystemAbsolutePath(path); } else { - return validateWindowsFileSystemAbsolutePath(path); + result = validateWindowsFileSystemAbsolutePath(path); + } + if (!result) { + // 路径不合法 + log.error("The path {} is invalid and the verification fails", path); } + return result; } /** 
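Review bot: In `CONVENTIONAL_DOS_PATH_REGEX` the new `REGEX:(.*)` alternative sits inside the two nested `*` repetitions that were already there, so a long path ending in a rejected character can be divided between the character class, `.*` and the outer group in many ways before the match fails; because this pattern is applied to a caller-supplied path, that backtracking cost should be bounded (an input length cap before matching, or possessive quantifiers where the grammar allows). Everything after the first `REGEX:` is also accepted unchecked, including the `:`, `?`, `<`, `>` and `|` characters the class still excludes, and `*` was dropped from the exclusion list without a comment explaining why. The visible test lines do not exercise either the `REGEX:` form or `*`, so the intended boundary is not pinned down. I would at least extend the field comment, for example `// Conventional DOS path; text after "REGEX:" is not validated here (presumably a file-name matcher - confirm)`.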
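Review bot: The early `return true` after `validateVariable(path)` in `validateFileSystemAbsolutePath` skips both platform validators, so any input that merely contains a `${name}` token, or a root prefix followed by `[...]`, is reported as a valid absolute path whatever surrounds the token, since `VARIABLE_REGEX` wraps both forms in `.*`. Callers (not visible here) that rely on this method to reject relative paths or the Windows-forbidden characters lose that guarantee for such inputs. Consider running the normal Linux/Windows check on the path with the recognised token replaced by a plain placeholder segment instead of returning early, and say in the method Javadoc, which starts above the hunk, how variable paths are treated. Separately, `log.warn` fires for every accepted variable path and `log.error` writes the rejected caller-supplied string verbatim; `log.debug("The path {} contains legal variables", path);` for the first and stripping CR/LF before logging the second would keep the log quiet and line-safe.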
@@ -77,4 +99,19 @@ private static boolean validateLinuxFileSystemAbsolutePath(String path) {
 }
 return false;
 }
+
+ /**
+ * 验证路径中变量合法性
+ * 1 ${全局变量},其中变量只能是英文字符、下划线开头;只允许英文字符、数字、下划线、和-
+ * 2 [内置变量],根路径开头
+ *
+ * @param path
+ * @return boolean
+ */
+ private static boolean validateVariable(String path) {
+ if (VARIABLE_PATTERN.matcher(path).matches()) {
+ return true;
+ }
+ return false;
+ }
 }
diff --git a/src/backend/commons/common-utils/src/test/java/com/tencent/bk/job/common/util/FilePathValidateUtilTest.java b/src/backend/commons/common-utils/src/test/java/com/tencent/bk/job/common/util/FilePathValidateUtilTest.java
index d8dae63f9e..327d323d29 100644
--- a/src/backend/commons/common-utils/src/test/java/com/tencent/bk/job/common/util/FilePathValidateUtilTest.java
+++ b/src/backend/commons/common-utils/src/test/java/com/tencent/bk/job/common/util/FilePathValidateUtilTest.java
@@ -18,6 +18,25 @@ void testFileSystemAbsolutePath(){
 assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\logs\\..\\access.log")).isTrue();
 assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\.config\\conf")).isTrue();
 assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\user\\abc>a")).isFalse();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\user\\abc:a")).isFalse();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\user\\abc|a")).isFalse();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\user\\abc?a")).isFalse();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("C:\\user\\abca")).isTrue();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("/tmp/abc:a")).isTrue();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("/tmp/abc|a")).isTrue();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("/tmp/abc?a")).isTrue();
+ assertThat(FilePathValidateUtil.validateFileSystemAbsolutePath("/tmp/abc
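Review bot: `validateVariable` can return the match result directly, `return VARIABLE_PATTERN.matcher(path).matches();`, instead of the `if` / `return true` / `return false` ladder. Its Javadoc leaves `@param path` and `@return boolean` without a description; `@param path non-blank path to test` and `@return true when the whole path matches VARIABLE_PATTERN` would tell the reader that a match accepts the entire string, not just the variable token. The bracket form in the pattern (declared in the earlier hunk) uses `[a-zA-Z0-9:/_-]*`, which also matches an empty `[]`; if an empty built-in variable is not meant to pass, `+` is the quantifier to use.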