From 1c229b2420d47889f91ba8ccf63e7026fb4ded95 Mon Sep 17 00:00:00 2001 From: lvyuanyuan Date: Thu, 14 Mar 2024 08:46:41 +0800 Subject: [PATCH] =?UTF-8?q?fileshare=E6=95=B4=E6=94=B9=E5=9B=9E=E5=90=884.?= =?UTF-8?q?0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lvyuanyuan Change-Id: I892333c5a1219008f3d942516abfedd2c5195627 --- interfaces/common/include/sandbox_helper.h | 1 + interfaces/common/src/sandbox_helper.cpp | 24 +++++++++++++-- .../native/file_share/src/file_share.cpp | 7 ++++- .../src/remote_file_share.cpp | 18 +++--------- .../file_share_native/file_share_test.cpp | 29 +++++++++++++++++++ 5 files changed, 62 insertions(+), 17 deletions(-) diff --git a/interfaces/common/include/sandbox_helper.h b/interfaces/common/include/sandbox_helper.h index eedf84f83..d4ed5dbd3 100644 --- a/interfaces/common/include/sandbox_helper.h +++ b/interfaces/common/include/sandbox_helper.h @@ -33,6 +33,7 @@ public: static bool CheckValidPath(const std::string &filePath); static int32_t GetPhysicalPath(const std::string &fileUri, const std::string &userId, std::string &physicalPath); + static bool IsValidPath(const std::string &path); }; } // namespace AppFileService } // namespace OHOS diff --git a/interfaces/common/src/sandbox_helper.cpp b/interfaces/common/src/sandbox_helper.cpp index 14f58c9b0..a57115f9c 100644 --- a/interfaces/common/src/sandbox_helper.cpp +++ b/interfaces/common/src/sandbox_helper.cpp @@ -211,20 +211,31 @@ static int32_t GetBucketNum(const std::string &fileName) return CalAssetBucket(fileId); } -static void ParseMediaSandboxPath(const string &sandboxPath, MediaUriInfo &mediaUriInfo) +static bool ParseMediaSandboxPath(const string &sandboxPath, MediaUriInfo &mediaUriInfo) { string path = sandboxPath; std::replace(path.begin(), path.end(), '/', ' '); stringstream ss; ss << path; ss >> mediaUriInfo.mediaType >> mediaUriInfo.fileId >> mediaUriInfo.realName >> mediaUriInfo.displayName; + + string buf; + ss >> buf; + if (!buf.empty()) { + LOGE("media sandboxPath is invalid"); + return false; + } + + return true; } static int32_t GetMediaPhysicalPath(const std::string &sandboxPath, const std::string &userId, std::string &physicalPath) { MediaUriInfo mediaUriInfo; - ParseMediaSandboxPath(sandboxPath, mediaUriInfo); + if (!ParseMediaSandboxPath(sandboxPath, mediaUriInfo)) { + return -EINVAL; + } int32_t bucketNum = GetBucketNum(mediaUriInfo.realName); if (bucketNum < 0) { @@ -288,6 +299,15 @@ int32_t SandboxHelper::GetPhysicalPath(const std::string &fileUri, const std::st } } +bool SandboxHelper::IsValidPath(const std::string &path) +{ + if (path.find("/./") != std::string::npos || + path.find("/../") != std::string::npos) { + return false; + } + return true; +} + bool SandboxHelper::CheckValidPath(const std::string &filePath) { if (filePath.empty() || filePath.size() >= PATH_MAX) { diff --git a/interfaces/innerkits/native/file_share/src/file_share.cpp b/interfaces/innerkits/native/file_share/src/file_share.cpp index eea570be0..f1e68c28e 100644 --- a/interfaces/innerkits/native/file_share/src/file_share.cpp +++ b/interfaces/innerkits/native/file_share/src/file_share.cpp @@ -191,11 +191,16 @@ static void DeleteExistShareFile(const string &path) static int32_t PreparePreShareDir(FileShareInfo &info) { if (!SandboxHelper::CheckValidPath(info.providerLowerPath_)) { - LOGE("Invalid share path with %{private}s", info.providerLowerPath_.c_str()); + LOGE("info.providerLowerPath_ is invalid"); return -EINVAL; } for (size_t i = 0; i < info.sharePath_.size(); i++) { + if (!SandboxHelper::IsValidPath(info.sharePath_[i])) { + LOGE("Invalid share path"); + return -EINVAL; + } + if (access(info.sharePath_[i].c_str(), F_OK) != 0) { string sharePathDir = info.sharePath_[i]; size_t posLast = info.sharePath_[i].find_last_of("/"); diff --git a/interfaces/innerkits/native/remote_file_share/src/remote_file_share.cpp b/interfaces/innerkits/native/remote_file_share/src/remote_file_share.cpp index a7f7321a4..636c5a346 100644 --- a/interfaces/innerkits/native/remote_file_share/src/remote_file_share.cpp +++ b/interfaces/innerkits/native/remote_file_share/src/remote_file_share.cpp @@ -153,15 +153,6 @@ static bool DeleteShareDir(const std::string &PACKAGE_PATH, const std::string &S return result; } -static bool IsValidPath(const std::string &path) -{ - if (path.find("/./") != std::string::npos || - path.find("/../") != std::string::npos) { - return false; - } - return true; -} - static int CreateShareFile(struct HmdfsShareControl &shareControl, const char* file, const std::string &deviceId) { @@ -211,8 +202,8 @@ int RemoteFileShare::CreateSharePath(const int &fd, std::string &sharePath, } const std::string PACKAGE_PATH = GetLowerSharePath(userId, processName); - if (!IsValidPath(PACKAGE_PATH)) { - LOGE("RemoteFileShare::CreateSharePath, GetLowerSharePath failed with %{private}s", PACKAGE_PATH.c_str()); + if (!SandboxHelper::IsValidPath(PACKAGE_PATH)) { + LOGE("RemoteFileShare::CreateSharePath, GetLowerSharePath failed"); return EACCES; } @@ -268,9 +259,8 @@ static int GetDistributedPath(Uri &uri, const int &userId, std::string &distribu static std::string GetPhysicalPath(Uri &uri, const std::string &userId) { std::string sandboxPath = uri.GetPath(); - if (!IsValidPath(sandboxPath) || uri.GetScheme() != FILE_SCHEME) { - LOGE("Sandbox path from uri is error with %{public}s", sandboxPath.c_str()); - return ""; + if (!SandboxHelper::IsValidPath(sandboxPath) || uri.GetScheme() != FILE_SCHEME) { + LOGE("Sandbox path from uri is error"); } std::string physicalPath = ""; diff --git a/test/unittest/file_share_native/file_share_test.cpp b/test/unittest/file_share_native/file_share_test.cpp index 143f07eb6..8ca599941 100644 --- a/test/unittest/file_share_native/file_share_test.cpp +++ b/test/unittest/file_share_native/file_share_test.cpp @@ -62,6 +62,7 @@ namespace { string fileStr = "/data/app/el2/" + to_string(uid) + "/base/" + bundleNameA + "/files/test.txt"; int32_t fd = open(fileStr.c_str(), O_RDWR | O_CREAT); ASSERT_TRUE(fd != -1) << "FileShareTest Create File Failed!"; + close(fd); string uri = "file://" + bundleNameA + "/data/storage/el2/base/files/test.txt"; string bundleNameB = "com.ohos.systemui"; @@ -70,6 +71,11 @@ namespace { int32_t flag = 3; int32_t ret = CreateShareFile(uri, tokenId, flag); EXPECT_EQ(ret, E_OK); + + uri.clear(); + uri = "file://" + bundleNameA + "/data/storage/el2/base/files/../files/test.txt"; + ret = CreateShareFile(uri, tokenId, flag); + EXPECT_EQ(ret, -EINVAL); GTEST_LOG_(INFO) << "FileShareTest-end File_share_CreateShareFile_0000"; } @@ -92,6 +98,7 @@ namespace { string fileStr = "/data/app/el2/" + to_string(uid) + "/base/" + bundleNameA + "/files/test.txt"; int32_t fd = open(fileStr.c_str(), O_RDWR | O_CREAT); ASSERT_TRUE(fd != -1) << "FileShareTest Create File Failed!"; + close(fd); string uri = "file://" + bundleNameA + "/data/test/el2/base/files/test.txt"; string bundleNameB = "com.ohos.systemui"; @@ -121,6 +128,7 @@ namespace { string fileStr = "/data/app/el2/" + to_string(uid) + "/base/" + bundleNameA + "/files/test.txt"; int32_t fd = open(fileStr.c_str(), O_RDWR | O_CREAT); ASSERT_TRUE(fd != -1) << "FileShareTest Create File Failed!"; + close(fd); string uri = "file://" + bundleNameA + "/data/storage/el2/base/files/test.txt"; uint32_t tokenId = 100; @@ -148,6 +156,7 @@ namespace { string fileStr = "/data/app/el2/" + to_string(uid) + "/base/" + bundleNameA + "/files/test.txt"; int32_t fd = open(fileStr.c_str(), O_RDWR | O_CREAT); ASSERT_TRUE(fd != -1) << "FileShareTest Create File Failed!"; + close(fd); string uri = ""; string bundleNameB = "com.ohos.systemui"; @@ -177,6 +186,7 @@ namespace { string fileStr = "/data/app/el2/" + to_string(uid) + "/base/" + bundleNameA + "/files/test.txt"; int32_t fd = open(fileStr.c_str(), O_RDWR | O_CREAT); ASSERT_TRUE(fd != -1) << "FileShareTest Create File Failed!"; + close(fd); string uri = ""; string bundleNameB = "com.ohos.systemui"; @@ -252,6 +262,7 @@ namespace { string fileStr = "/data/app/el2/" + to_string(uid) + "/base/" + bundleNameA + "/files/test.txt"; int32_t fd = open(fileStr.c_str(), O_RDWR | O_CREAT); ASSERT_TRUE(fd != -1) << "FileShareTest Create File Failed!"; + close(fd); string uri = "file://" + bundleNameA + "/data/storage/el2/base/files/test.txt"; string bundleNameB = "com.ohos.systemui"; @@ -372,4 +383,22 @@ namespace { EXPECT_EQ(physicalPath, "/mnt/hmdfs/100/account/merge_view/files/Photo/575/IMG_12345_999999.jpg"); GTEST_LOG_(INFO) << "FileShareTest-end File_share_GetPhysicalPath_0005"; } + + /** + * @tc.name: File_share_GetPhysicalPath_0006 + * @tc.desc: Test function of GetPhysicalPath() interface for SUCCESS. + * @tc.size: MEDIUM + * @tc.type: FUNC + * @tc.level Level 1 + * @tc.require: I7PDZL + */ + HWTEST_F(FileShareTest, File_share_GetPhysicalPath_0006, testing::ext::TestSize.Level1) + { + GTEST_LOG_(INFO) << "FileShareTest-begin File_share_GetPhysicalPath_0006"; + std::string fileUri = "file://media/Photo/12/IMG_12345_999999/test.jpg/other"; + std::string physicalPath; + int32_t ret = SandboxHelper::GetPhysicalPath(fileUri, "100", physicalPath); + EXPECT_EQ(ret, -EINVAL); + GTEST_LOG_(INFO) << "FileShareTest-end File_share_GetPhysicalPath_0006"; + } } \ No newline at end of file -- Gitee