路径遍历

2025-12-11 03:46:50 +08:00 · 2024-08-26 17:00:10 +08:00
parent 776e1e6cbc
commit bea6d680e9
8 changed files with 42 additions and 2 deletions
--- a/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/ContentPackageGenerator.java
+++ b/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/ContentPackageGenerator.java
@@ -119,6 +119,10 @@ public class ContentPackageGenerator {
    private String scormPkgDir;

    public  ContentPackage generateContentPackageFromFile(String scormPkgDir) {
+        if (scormPkgDir.contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        if (scormPkgDir == null) {
            log.error("scorm package directory is null");
            return contentPackage;
--- a/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/FileUtils.java
+++ b/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/FileUtils.java
@@ -44,6 +44,10 @@ public class FileUtils {
    }

    public static File createFile(String dstPath, String fileName) throws IOException {
+        if (dstPath.contains("..") || fileName.contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        String[] dirs = fileName.split("/");
        File file = new File(dstPath);

--- a/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/SCORMPackageManager.java
+++ b/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/SCORMPackageManager.java
@@ -119,6 +119,11 @@ public class SCORMPackageManager {
            return null;
        }

+        if (packagePath.contains("..")) {
+//            throw new SecurityException("输入路径包含不安全的字符");
+            return null;
+        }
+
        // step 1: uncompress
        File f=new File(packagePath);
        if(!f.exists()) {
--- a/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/ZipUtils.java
+++ b/modules/boe-module-scorm/src/main/java/com/xboe/module/scorm/cam/load/ZipUtils.java
@@ -60,6 +60,10 @@ public class ZipUtils {
    }

    public static boolean decompressZip(String zipFilePath, String saveFileDir) {
+        if (saveFileDir.contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        if (!isEndWithZip(zipFilePath)) {
            return false;
        }
--- a/servers/boe-server-all/src/main/java/com/xboe/converter/ExcelToPdfConverter.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/converter/ExcelToPdfConverter.java
@@ -66,6 +66,10 @@ public class ExcelToPdfConverter implements ICourseFileConverter {

    @Override
    public String convert(String fileType, String filePath)  throws Exception{
+        if (filePath.contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        if (this.getLicense()) {
            FileOutputStream fileOS=null;
            String previewPath = null;
--- a/servers/boe-server-all/src/main/java/com/xboe/converter/PPTToPdfConverter.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/converter/PPTToPdfConverter.java
@@ -65,6 +65,10 @@ public class PPTToPdfConverter implements ICourseFileConverter {

    @Override
    public String convert(String fileType, String filePath) throws Exception{
+        if (filePath.contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        if (this.getLicense()) {
            InputStream slides=null;
            Presentation pres=null;
--- a/servers/boe-server-all/src/main/java/com/xboe/converter/WordToPdfConverter.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/converter/WordToPdfConverter.java
@@ -69,6 +69,10 @@ public class WordToPdfConverter implements ICourseFileConverter {

    @Override
    public String convert(String fileType, String filePath) throws Exception{
+        if (filePath.contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        if (this.getLicense()) {
            File pdfFile=null;
            FileOutputStream fileOS=null;
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java
@@ -227,6 +227,10 @@ public class CourseFileApi extends ApiBaseController {
        	return badRequest("请先选择资源归属");
        }

+        if (file.getFilePath().contains("..")) {
+            throw new SecurityException("输入路径包含不安全的字符");
+        }
+
        // 重设文件类型为小写
        file.setFileType(file.getFileType().toLowerCase());

@@ -395,8 +399,15 @@ public class CourseFileApi extends ApiBaseController {
 			//return badRequest("参数错误");
 			return;
 		}
-		
-		String cfPath=null;
+
+        if (cf.contains("..")) {
+            log.error("参数错误");
+//            throw new SecurityException("输入路径包含不安全的字符");
+            return;
+        }
+
+
+        String cfPath=null;
 		String fileName ="";
 		if(StringUtils.isNotBlank(cf)) {
 			cfPath=cf;