修改写文件时文件路径名校验

Signed-off-by: xangjm <xiangjiaming2@huawei.com>

device/plugins/ftrace_plugin/src/file_utils.cpp

@@ -21,6 +21,7 @@
 #include <dirent.h>
 #include <fcntl.h>
 #include <unistd.h>
+#include <regex>
 #include "logging.h"
 
 namespace {
@@ -78,10 +79,28 @@ int FileUtils::WriteFile(const std::string& path, const std::string& content, in
 
 int FileUtils::WriteFile(const std::string& path, const std::string& content, int flags, int mode)
 {
-    if (path.empty() || (path.length() >= PATH_MAX) || (path.find("..") != std::string::npos)) {
+    if (path.empty() || (path.length() >= PATH_MAX)) {
         HILOG_ERROR(LOG_CORE, "%s:path is invalid: %s, errno=%d", __func__, path.c_str(), errno);
         return -1;
     }
+
+    std::regex dirNameRegex("[.~-]");
+    std::regex fileNameRegex("[\\/:*?\"<>|]");
+    size_t pos = path.rfind("/");
+    if (pos != std::string::npos) {
+        std::string dirName = path.substr(0, pos+1);
+        std::string fileName = path.substr(pos+1, path.length()-pos-1);
+        if (std::regex_search(dirName, dirNameRegex) || std::regex_search(fileName, fileNameRegex)) {
+            HILOG_ERROR(LOG_CORE, "%s:path is invalid: %s, errno=%d", __func__, path.c_str(), errno);
+            return -1;
+        }
+    } else {
+        if (std::regex_search(path, fileNameRegex)) {
+            HILOG_ERROR(LOG_CORE, "%s:path is invalid: %s, errno=%d", __func__, path.c_str(), errno);
+            return -1;
+        }
+    }
+
     int fd = open(path.c_str(), flags, mode);
     CHECK_TRUE(fd >= 0, -1, "open %s failed, %d", path.c_str(), errno);
 

device/plugins/ftrace_plugin/src/flow_controller.cpp

@@ -22,6 +22,7 @@
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <unistd.h>
+#include <regex>
 
 #include "bytrace_ops.h"
 #include "file_utils.h"
@@ -151,10 +152,28 @@ bool FlowController::CreateRawDataCaches()
         auto& path = rawDataDumpPath_[i];
         HILOG_INFO(LOG_CORE, "create raw data cache[%zu]: %s", i, path.c_str());
 
-        if (path.empty() || (path.length() >= PATH_MAX) || (path.find("..") != std::string::npos)) {
+        if (path.empty() || (path.length() >= PATH_MAX)) {
             HILOG_ERROR(LOG_CORE, "%s:path is invalid: %s, errno=%d", __func__, path.c_str(), errno);
             return false;
         }
+
+        std::regex dirNameRegex("[.~-]");
+        std::regex fileNameRegex("[\\/:*?\"<>|]");
+        size_t pos = path.rfind("/");
+        if (pos != std::string::npos) {
+            std::string dirName = path.substr(0, pos+1);
+            std::string fileName = path.substr(pos+1, path.length()-pos-1);
+            if (std::regex_search(dirName, dirNameRegex) || std::regex_search(fileName, fileNameRegex)) {
+                HILOG_ERROR(LOG_CORE, "%s:path is invalid: %s, errno=%d", __func__, path.c_str(), errno);
+                return false;
+            }
+        } else {
+            if (std::regex_search(path, fileNameRegex)) {
+                HILOG_ERROR(LOG_CORE, "%s:path is invalid: %s, errno=%d", __func__, path.c_str(), errno);
+                return false;
+            }
+        }
+
         auto cache = std::shared_ptr<FILE>(fopen(path.c_str(), "wb+"), [](FILE* fp) { fclose(fp); });
         CHECK_NOTNULL(cache, false, "create cache[%zu]: %s failed!", i, path.c_str());
         rawDataDumpFile_.emplace_back(std::move(cache));