From ba0ea9402522de8a72f8a24b8c4b29aac2b9638f Mon Sep 17 00:00:00 2001
From: huaqingsimeng
Date: Sat, 26 Aug 2023 18:14:44 +0800
Subject: [PATCH] =?UTF-8?q?=E7=A6=81=E6=AD=A2tar=E8=BF=9B=E8=A1=8C?= =?UTF-8?q?=E5=91=BD=E4=BB=A4=E8=A1=8C=E6=B3=A8=E5=85=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: huaqingsimeng
---
 utils/src/b_tarball/b_tarball_cmdline.cpp | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/utils/src/b_tarball/b_tarball_cmdline.cpp b/utils/src/b_tarball/b_tarball_cmdline.cpp
index a5e3da653..bb286faf1 100644
--- a/utils/src/b_tarball/b_tarball_cmdline.cpp
+++ b/utils/src/b_tarball/b_tarball_cmdline.cpp
@@ -28,6 +28,23 @@ namespace OHOS::FileManagement::Backup {
 using namespace std;
+namespace {
+const vector COMMAND_INJECTION = {
+ "--to-command", "--xform", "-op", "--checkpoint", "--checkpoint-action",
+};
+} // namespace
+
+static void VerifyArgv(const vector &argv)
+{
+ for (auto &arg : argv) {
+ if (std::any_of(COMMAND_INJECTION.begin(), COMMAND_INJECTION.end(),
+ [&arg](const string_view &cmd) { return arg == cmd; })) {
+ HILOGE("Invalid argv: %{public}s", arg.data());
+ throw BError(BError::Codes::EXT_INVAL_ARG, "Invalid argv");
+ }
+ }
+}
+
 static bool IsTarFatalErrorOccur(string_view output)
 {
 vector fatalError {"EOF", "bad xform", "bad header", "sparse overflow",
@@ -69,6 +86,8 @@ void BTarballCmdline::Tar(string_view root, vector includes, vector
 argv.push_back(exclude);
 }
+ VerifyArgv(argv);
+
 // 如果打包后生成了打包文件,则默认打包器打包时生成的错误可以忽略(比如打包一个不存在的文件)
 auto [bFatalError, errCode] = BProcess::ExecuteCmd(argv, IsTarFatalErrorOccur);
 if (bFatalError || (errCode && access(tarballPath_.data(), F_OK) != 0)) {
--
Gitee
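Review bot: The comparison in `VerifyArgv` is whole-string equality (`arg == cmd`), so an element that carries its value in the same string, such as `--checkpoint-action=<value>`, matches no `COMMAND_INJECTION` entry and passes the check. Comparing only the option name would close that gap: `[&arg](const string_view &cmd) { return arg.substr(0, arg.find('=')) == cmd; }`. If the program being executed is GNU tar, long options are also accepted in abbreviated form, which a fixed list of full spellings cannot cover, so the list is better treated as a second layer than as the only control. Separately, `HILOGE` prints the rejected value with `%{public}s` through `arg.data()`; the element type is not visible in this extract, but if it is `string_view`, `data()` is not guaranteed to be NUL-terminated.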
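Review bot: `VerifyArgv(argv)` runs on the fully assembled vector, after the `excludes` entries (and presumably `includes`, outside this hunk) have been appended, so a caller-supplied string is kept away from tar's option parser only as long as the denylist is complete. Rejecting any caller-supplied entry that begins with `-` at the point where it is appended would not depend on enumerating options, e.g. `if (!exclude.empty() && exclude.front() == '-') { throw BError(BError::Codes::EXT_INVAL_ARG, "Invalid argv"); }` before `argv.push_back(exclude);`, with the same check for `includes`. This assumes legitimate entries are paths that never start with `-`, which should be confirmed against the callers. The body of `BTarballCmdline::Tar` starts and ends outside the hunk, so how the argument vector is built and whether the thrown `BError` is handled by every caller cannot be checked from here.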