public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-06-13 01:01:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修复路径穿越

Browse Source
This commit is contained in:
tjlygdx
2026-06-10 10:55:29 +08:00
parent 265b31179f
commit 59cb3c0b07
2 changed files with 40 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
core/core-backend/src/main/java/io/dataease/exportCenter/manage/ExportCenterManage.java
View File

@@ -52,6 +52,8 @@ import io.dataease.api.permissions.user.vo.UserFormVO;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.*;
import java.util.concurrent.Future;
@@ -136,7 +138,7 @@ public class ExportCenterManage implements BaseExportApi {
exportTask.setExportMachineName(hostName());
exportTask.setExportTime(System.currentTimeMillis());
exportTaskMapper.updateById(exportTask);
FileUtils.deleteDirectoryRecursively(exportData_path + id);
FileUtils.deleteDirectoryRecursively(resolveExportTaskDirectory(id));
if (exportTask.getExportFromType().equalsIgnoreCase("chart")) {
ChartExcelRequest request = JsonUtil.parseObject(exportTask.getParams(), ChartExcelRequest.class);
exportCenterDownLoadManage.startViewTask(exportTask, request);
@@ -375,10 +377,22 @@ public class ExportCenterManage implements BaseExportApi {
iterator.remove();
}
}
FileUtils.deleteDirectoryRecursively(exportData_path + id);
FileUtils.deleteDirectoryRecursively(resolveExportTaskDirectory(id));
exportTaskMapper.deleteById(id);
}
private Path resolveExportTaskDirectory(String taskId) {
if (StringUtils.isBlank(taskId) || !StringUtils.isNumeric(taskId)) {
DEException.throwException("任务不存在");
}
Path exportBasePath = Paths.get(exportData_path).toAbsolutePath().normalize();
Path exportTaskPath = exportBasePath.resolve(taskId).normalize();
if (!exportTaskPath.startsWith(exportBasePath)) {
DEException.throwException("Invalid export task path");
}
return exportTaskPath;
}
public CoreExportTask validateDownloadTask(String id, String ticket) {
if (StringUtils.isBlank(ticket)) {
DEException.throwException(Translator.get("i18n_download_link_invalid"));

36
sdk/common/src/main/java/io/dataease/utils/FileUtils.java
View File

@@ -10,7 +10,9 @@ import org.springframework.web.multipart.MultipartFile;
import java.io.*;
import java.nio.channels.FileChannel;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
@@ -294,21 +296,31 @@ public class FileUtils {
public static boolean deleteDirectoryRecursively(String directoryPath) {
File directory = new File(directoryPath);
if (!directory.exists()) {
Assert.hasText(directoryPath, "Directory path must not be blank");
return deleteDirectoryRecursively(Paths.get(directoryPath));
}
public static boolean deleteDirectoryRecursively(Path directory) {
Assert.notNull(directory, "Directory path must not be null");
Path normalizedDirectory = directory.toAbsolutePath().normalize();
if (Files.notExists(normalizedDirectory, LinkOption.NOFOLLOW_LINKS)) {
return true;
}
File[] files = directory.listFiles();
if (files != null) {
for (File file : files) {
if (file.isDirectory()) {
deleteDirectoryRecursively(file.getAbsolutePath());
} else {
boolean deletionSuccess = file.delete();
}
File[] files = normalizedDirectory.toFile().listFiles();
if (files == null) {
return normalizedDirectory.toFile().delete();
}
for (File file : files) {
Path child = file.toPath().toAbsolutePath().normalize();
if (!child.startsWith(normalizedDirectory)) {
DEException.throwException("Invalid directory path");
}
if (Files.isDirectory(child, LinkOption.NOFOLLOW_LINKS)) {
deleteDirectoryRecursively(child);
} else {
file.delete();
}
}
return directory.delete();
return normalizedDirectory.toFile().delete();
}
}