diff --git a/frameworks/native/cloudsync_kit_inner/src/cloud_sync_manager_impl.cpp b/frameworks/native/cloudsync_kit_inner/src/cloud_sync_manager_impl.cpp index c67cd8bcc40389f90106ca9269cd3daec708fdb9..19c8174a7765b665350a795674e04a9848307977 100644 --- a/frameworks/native/cloudsync_kit_inner/src/cloud_sync_manager_impl.cpp +++ b/frameworks/native/cloudsync_kit_inner/src/cloud_sync_manager_impl.cpp @@ -951,7 +951,7 @@ static std::string GetMediaPath(const std::string& path) void CloudSyncManagerImpl::CleanGalleryDentryFile(const std::string path) { - if (!IsPhotoPath(path)) { + if (!IsPhotoPath(path) || OHOS::Storage::DistributedFile::Utils::HasInvalidChars(path)) { LOGE("CleanGalleryDentryFile path is not photo"); return; } diff --git a/test/unittests/cloud_disk/BUILD.gn b/test/unittests/cloud_disk/BUILD.gn index 2f6830c0a16a6ed9be7d5031977b5d2c8cbe1e98..158377e1cc2717230ab442676b5df9b1c53f9a34 100644 --- a/test/unittests/cloud_disk/BUILD.gn +++ b/test/unittests/cloud_disk/BUILD.gn @@ -497,6 +497,7 @@ ohos_unittest("meta_file_clouddisk_test") { "${distributedfile_path}/utils/log/include", "${distributedfile_path}/utils/inner_api", "${distributedfile_path}/utils/system/include", + "${innerkits_native_path}/cloud_file_kit_inner/big_data_statistics", "${services_path}/cloudfiledaemon/include/cloud_disk/", "mock", ] diff --git a/test/unittests/cloudsync_api/cloudsync_impl/cloud_sync_manager_impl_test.cpp b/test/unittests/cloudsync_api/cloudsync_impl/cloud_sync_manager_impl_test.cpp index 2deccff0d686a3305a23ac0c0c784727a283b96d..a1e57236f837d6f0361757362dac1b66aac0d138 100644 --- a/test/unittests/cloudsync_api/cloudsync_impl/cloud_sync_manager_impl_test.cpp +++ b/test/unittests/cloudsync_api/cloudsync_impl/cloud_sync_manager_impl_test.cpp @@ -1008,7 +1008,7 @@ HWTEST_F(CloudSyncManagerImplTest, CleanGalleryDentryFileTest004, TestSize.Level std::ofstream("/storage/media/cloud/files/Photo/1/666666.jpg"); std::string testDir = "/storage/666666.jpg"; CloudSyncManagerImpl::GetInstance().CleanGalleryDentryFile(testDir); - bool isExists = fs::exists("/storage/media/100/cloud/files/Photo/1/666666.jpg"); + bool isExists = fs::exists("/storage/media/cloud/files/Photo/1/666666.jpg"); system("rm -rf /storage/media/cloud/files/Photo/1/666666.jpg"); EXPECT_TRUE(isExists); } catch (...) { diff --git a/test/unittests/utils/system/utils_directory_test.cpp b/test/unittests/utils/system/utils_directory_test.cpp index d08722065fc5f1c8b3137d6abb8d3e5f3e4070bb..70e83e34444efbdec8522d5688b7ed27b3aa6416 100644 --- a/test/unittests/utils/system/utils_directory_test.cpp +++ b/test/unittests/utils/system/utils_directory_test.cpp @@ -22,6 +22,7 @@ #include #include +#include "cloud_file_fault_event.h" #include "directory_ex.h" namespace OHOS { @@ -350,6 +351,141 @@ HWTEST_F(UtilsDirectoryTest, SysEventWriteTest001, TestSize.Level1) } GTEST_LOG_(INFO) << "SysEventWriteTest001 End"; } + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest001 Start"; + try { + string path = "/storage/media/cloud/files/../Photo"; + bool ret = HasInvalidChars(path); + EXPECT_TRUE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest001 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest001 End"; +} + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest002, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest002 Start"; + try { + string path = "/storage/media/cloud/files/./Photo"; + bool ret = HasInvalidChars(path); + EXPECT_TRUE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest002 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest002 End"; +} + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest003, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest003 Start"; + try { + std::string path = "/storage/media/cloud/"; + path += '\0'; + path += "/files/Photo"; + bool ret = HasInvalidChars(path); + EXPECT_TRUE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest003 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest003 End"; +} + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest004, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest004 Start"; + try { + string path = "./storage/media/cloud/files/Photo"; + bool ret = HasInvalidChars(path); + EXPECT_TRUE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest004 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest004 End"; +} + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest005, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest005 Start"; + try { + string path = "../storage/media/cloud/files/Photo"; + bool ret = HasInvalidChars(path); + EXPECT_TRUE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest005 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest005 End"; +} + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest006, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest006 Start"; + try { + string path = ""; + bool ret = HasInvalidChars(path); + EXPECT_TRUE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest006 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest006 End"; +} + +/* + * @tc.name: HasInvalidChars + * @tc.desc: Verify the HasInvalidChars function. + * @tc.type: FUNC + */ +HWTEST_F(UtilsDirectoryTest, HasInvalidCharsTest006, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "HasInvalidCharsTest007 Start"; + try { + string path = "/storage/media/cloud/files/Photo"; + bool ret = HasInvalidChars(path); + EXPECT_FALSE(ret); + } catch (...) { + EXPECT_TRUE(false); + GTEST_LOG_(INFO) << " HasInvalidCharsTest007 FAILED"; + } + GTEST_LOG_(INFO) << "HasInvalidCharsTest007 End"; +} } // namespace Utils } // namespace DistributedFile } // namespace Storage diff --git a/utils/BUILD.gn b/utils/BUILD.gn index dfad5dc11f696cc412cdf2ef0903944d027db64c..e366429f1de7f5c476d8ddccd0c2f168f58c2b69 100755 --- a/utils/BUILD.gn +++ b/utils/BUILD.gn @@ -46,6 +46,7 @@ config("compiler_configs") { config("utils_public_config") { include_dirs = [ + "${innerkits_native_path}/cloud_file_kit_inner/big_data_statistics", "inner_api", "ioctl/include", "load/include", @@ -79,6 +80,8 @@ ohos_shared_library("libdistributedfileutils") { debug = false } sources = [ + "${distributedfile_path}/frameworks/native/cloud_file_kit_inner/src/big_data_statistics/cloud_file_fault_event.cpp", + "${distributedfile_path}/frameworks/native/cloud_file_kit_inner/src/big_data_statistics/cloud_report_cacher.cpp", "cloud_disk/src/cloud_file_utils.cpp", "dfx/src/xcollie_helper.cpp", "ffrt/src/ffrt_timer.cpp", @@ -145,6 +148,7 @@ ohos_shared_library("libdistributedfileutils") { config("dentry_public_config") { include_dirs = [ + "${innerkits_native_path}/cloud_file_kit_inner/big_data_statistics", "dentry/include", "inner_api", "system/include", @@ -164,6 +168,8 @@ ohos_shared_library("libdistributedfiledentry") { } sources = [ + "${distributedfile_path}/frameworks/native/cloud_file_kit_inner/src/big_data_statistics/cloud_file_fault_event.cpp", + "${distributedfile_path}/frameworks/native/cloud_file_kit_inner/src/big_data_statistics/cloud_report_cacher.cpp", "dentry/src/file_utils.cpp", "dentry/src/meta_file.cpp", "dentry/src/meta_file_clouddisk.cpp", @@ -202,6 +208,7 @@ ohos_shared_library("libdistributedfiledentry") { config("utils_lite_public_config") { include_dirs = [ + "${innerkits_native_path}/cloud_file_kit_inner/big_data_statistics", "dentry/include", "ffrt/include", "inner_api", @@ -225,6 +232,8 @@ ohos_shared_library("libdistributedfileutils_lite") { } sources = [ + "${distributedfile_path}/frameworks/native/cloud_file_kit_inner/src/big_data_statistics/cloud_file_fault_event.cpp", + "${distributedfile_path}/frameworks/native/cloud_file_kit_inner/src/big_data_statistics/cloud_report_cacher.cpp", "cloud_disk/src/cloud_file_utils.cpp", "dentry/src/file_utils.cpp", "dentry/src/meta_file.cpp", diff --git a/utils/system/include/utils_directory.h b/utils/system/include/utils_directory.h index 09c65ce8b9ded01df0cdeb4504aac4fb4dc3407f..0c69b22b714d9f96b46f0c7cd9327cb37b5e7263 100644 --- a/utils/system/include/utils_directory.h +++ b/utils/system/include/utils_directory.h @@ -96,6 +96,7 @@ bool IsFolder(const std::string &name); std::vector GetFilePath(const std::string &name); int32_t ChangeOwnerRecursive(const std::string &path, uid_t uid, gid_t gid); bool IsInt32(const nlohmann::json &jsonObj, const std::string &key); +bool HasInvalidChars(const std::string &str); } // namespace Utils } // namespace DistributedFile } // namespace Storage diff --git a/utils/system/src/utils_directory.cpp b/utils/system/src/utils_directory.cpp index ed2f0ac288f2829126490034d23b06b4dbc3a127..88186040b1e546ea77f7800f6951497b2d806b39 100644 --- a/utils/system/src/utils_directory.cpp +++ b/utils/system/src/utils_directory.cpp @@ -21,6 +21,7 @@ #include #include +#include "cloud_file_fault_event.h" #include "dfs_error.h" #include "directory_ex.h" #include "hisysevent.h" @@ -31,6 +32,7 @@ namespace Storage { namespace DistributedFile { namespace Utils { using namespace std; +using namespace OHOS::FileManagement; namespace { static const uint32_t STAT_MODE_DIR = 0771; @@ -70,7 +72,7 @@ void SysEventWrite(string &uid) HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "PERMISSION_NAME", "account"); - if (ret != ERR_OK) { + if (ret != FileManagement::ERR_OK) { LOGE("report PERMISSION_EXCEPTION error %{public}d", ret); } } @@ -80,14 +82,14 @@ void SysEventFileParse(int64_t maxTime) int32_t ret = DEMO_SYNC_SYS_EVENT("INDEX_FILE_PARSE", HiviewDFX::HiSysEvent::EventType::STATISTIC, "MAX_TIME", maxTime); - if (ret != ERR_OK) { + if (ret != FileManagement::ERR_OK) { LOGE("report INDEX_FILE_PARSE error %{public}d", ret); } } void RadarDotsReportOpenSession(struct RadarInfo &info) { - int32_t res = ERR_OK; + int32_t res = FileManagement::ERR_OK; if (info.state == StageRes::STAGE_SUCCESS) { res = DEMO_SYNC_SYS_EVENT(DISTRIBUTEDFILE_CONNECT_BEHAVIOR, HiviewDFX::HiSysEvent::EventType::BEHAVIOR, @@ -114,7 +116,7 @@ void RadarDotsReportOpenSession(struct RadarInfo &info) "PEER_SESS_NAME", info.peerSessionName, "ERROR_CODE", std::abs(info.errCode)); } - if (res != ERR_OK) { + if (res != FileManagement::ERR_OK) { LOGE("report RadarDotsReportOpenSession error %{public}d", res); } } @@ -134,7 +136,7 @@ void RadarDotsOpenSession(const std::string funcName, const std::string &session void RadarDotsReportSendFile(struct RadarInfo &info) { - int32_t res = ERR_OK; + int32_t res = FileManagement::ERR_OK; if (info.state == StageRes::STAGE_SUCCESS) { res = DEMO_SYNC_SYS_EVENT(DISTRIBUTEDFILE_CONNECT_BEHAVIOR, HiviewDFX::HiSysEvent::EventType::BEHAVIOR, @@ -161,7 +163,7 @@ void RadarDotsReportSendFile(struct RadarInfo &info) "PEER_SESS_NAME", info.peerSessionName, "ERROR_CODE", std::abs(info.errCode)); } - if (res != ERR_OK) { + if (res != FileManagement::ERR_OK) { LOGE("report RadarDotsReportSendFile error %{public}d", res); } } @@ -371,6 +373,38 @@ bool IsInt32(const nlohmann::json &jsonObj, const std::string &key) } return res; } + +bool HasInvalidChars(const std::string &str) +{ + if (str.empty()) { + CLOUD_SYNC_FAULT_REPORT({"", CloudFile::FaultScenarioCode::CLOUD_CHECK_SYNC, + CloudFile::FaultType::FILE, errno, "path is empty"}); + return true; + } + if (str.find('\0') != std::string::npos || + str.find("/../") != std::string::npos || + str.find("/./") != std::string::npos) { + std::string errMsg = std::string("path has invalid chars, path is") + GetAnonyString(str).c_str(); + CLOUD_SYNC_FAULT_REPORT({"", CloudFile::FaultScenarioCode::CLOUD_CHECK_SYNC, + CloudFile::FaultType::FILE, errno, errMsg}); + return true; + } + + const std::string prefix1 = "../"; + const std::string prefix2 = "./"; + if (str.length() >= prefix1.length() && str.compare(0, prefix1.length(), prefix1) == 0) { + std::string errMsg = std::string("path starts with invalid chars, path is") + GetAnonyString(str).c_str(); + CLOUD_SYNC_FAULT_REPORT({"", CloudFile::FaultScenarioCode::CLOUD_CHECK_SYNC, + CloudFile::FaultType::FILE, errno, errMsg}); + return true; + } else if (str.length() >= prefix2.length() && str.compare(0, prefix2.length(), prefix2) == 0) { + std::string errMsg = std::string("path starts with invalid chars, path is") + GetAnonyString(str).c_str(); + CLOUD_SYNC_FAULT_REPORT({"", CloudFile::FaultScenarioCode::CLOUD_CHECK_SYNC, + CloudFile::FaultType::FILE, errno, errMsg}); + return true; + } + return false; +} } // namespace Utils } // namespace DistributedFile } // namespace Storage