From 1838e099734a649c27b51ade87b2e61ac48a8074 Mon Sep 17 00:00:00 2001
From: cuiruibin <cuiruibin3@h-partners.com>
Date: Wed, 6 Aug 2025 10:45:07 +0800
Subject: [PATCH] =?UTF-8?q?AFS.=E8=B7=AF=E5=BE=84=E6=A0=A1=E9=AA=8C?=
 =?UTF-8?q?=E8=A7=84=E5=88=99=E5=8A=A0=E5=9B=BA=E5=A2=9E=E5=BC=BA=20Signed?=
 =?UTF-8?q?-off-by:=20cuiruibin=20<cuiruibin3@h-partners.com>?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 interfaces/common/src/sandbox_helper.cpp      | 16 ++++++++++++++
 .../file_share_native/file_share_test.cpp     | 22 +++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/interfaces/common/src/sandbox_helper.cpp b/interfaces/common/src/sandbox_helper.cpp
index 0536ab7fd..515d8a36d 100644
--- a/interfaces/common/src/sandbox_helper.cpp
+++ b/interfaces/common/src/sandbox_helper.cpp
@@ -54,6 +54,9 @@ namespace {
     const std::string PATH_INVALID_FLAG1 = "../";
     const std::string PATH_INVALID_FLAG2 = "/..";
     const uint32_t PATH_INVALID_FLAG_LEN = 3;
+    const std::string PATH_WILDCARD_FLAG1 = "*/";
+    const std::string PATH_WILDCARD_FLAG2 = "/*";
+    const uint32_t PATH_WILDCARD_FLAG_LEN = 2;
     const std::string NETWORK_PARA = "?networkid=";
     const std::string AMPERSAND = "&";
 }
@@ -528,6 +531,19 @@ bool SandboxHelper::IsValidPath(const std::string &filePath)
         LOGE("Relative path is not allowed, path tail is /..");
         return false;
     }
+    size_t wildcardPos = filePath.find(PATH_WILDCARD_FLAG1);
+    while (wildcardPos != string::npos) {
+        if (wildcardPos == 0 || filePath[wildcardPos - 1] == BACKSLASH) {
+            LOGE("Relative path is not allowed, path contain */");
+            return false;
+        }
+        wildcardPos = filePath.find(PATH_WILDCARD_FLAG1, wildcardPos + PATH_WILDCARD_FLAG_LEN);
+    }
+    wildcardPos = filePath.rfind(PATH_WILDCARD_FLAG2);
+    if ((wildcardPos != string::npos) && (filePath.size() - wildcardPos == PATH_WILDCARD_FLAG_LEN)) {
+        LOGE("Relative path is not allowed, path tail is /*");
+        return false;
+    }
     return true;
 }
 
diff --git a/test/unittest/file_share_native/file_share_test.cpp b/test/unittest/file_share_native/file_share_test.cpp
index 8b05e4b54..592ee33e1 100644
--- a/test/unittest/file_share_native/file_share_test.cpp
+++ b/test/unittest/file_share_native/file_share_test.cpp
@@ -567,6 +567,20 @@ HWTEST_F(FileShareTest, File_share_IsValidPath_0002, testing::ext::TestSize.Leve
     EXPECT_FALSE(result);
     result = SandboxHelper::IsValidPath("/test/..test/..");
     EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("*/test*/test1");
+    EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("/*/test*/test1");
+    EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("test*/*/test");
+    EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("test*/*/");
+    EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("test*/test*/*");
+    EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("/test/*test/*");
+    EXPECT_FALSE(result);
+    result = SandboxHelper::IsValidPath("*/test/*test");
+    EXPECT_FALSE(result);
 
     result = SandboxHelper::IsValidPath("test");
     EXPECT_TRUE(result);
@@ -578,6 +592,14 @@ HWTEST_F(FileShareTest, File_share_IsValidPath_0002, testing::ext::TestSize.Leve
     EXPECT_TRUE(result);
     result = SandboxHelper::IsValidPath("/test../test../test../..test");
     EXPECT_TRUE(result);
+    result = SandboxHelper::IsValidPath("/test/test*/test");
+    EXPECT_TRUE(result);
+    result = SandboxHelper::IsValidPath("/test*/test*/test");
+    EXPECT_TRUE(result);
+    result = SandboxHelper::IsValidPath("/test*/test*/test*/");
+    EXPECT_TRUE(result);
+    result = SandboxHelper::IsValidPath("/test*/test*/test*/*test");
+    EXPECT_TRUE(result);
     GTEST_LOG_(INFO) << "FileShareTest-end File_share_IsValidPath_0002";
 }
 
-- 
Gitee