From 8359791cc481ea91acd35e54b0080a096949b7e6 Mon Sep 17 00:00:00 2001 From: tianp Date: Mon, 7 Jul 2025 09:48:40 +0800 Subject: [PATCH] bugfix Signed-off-by: tianp Change-Id: I93e49923757162d8a2fe052051d8f6538b339511 --- .../js/src/mod_fs/class_watcher/fs_file_watcher.cpp | 12 ++++++++++++ .../js/src/mod_fs/properties/ani/access_ani.cpp | 6 +++--- .../kits/js/src/mod_fs/properties/copy_core.cpp | 13 +++++++++++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/interfaces/kits/js/src/mod_fs/class_watcher/fs_file_watcher.cpp b/interfaces/kits/js/src/mod_fs/class_watcher/fs_file_watcher.cpp index 9f77d49df..e411c3e6a 100644 --- a/interfaces/kits/js/src/mod_fs/class_watcher/fs_file_watcher.cpp +++ b/interfaces/kits/js/src/mod_fs/class_watcher/fs_file_watcher.cpp @@ -202,6 +202,18 @@ void FsFileWatcher::ReadNotifyEvent() while (index < len) { event = reinterpret_cast(buf + index); + if ((len - index) < sizeof(struct inotify_event)) { + HILOGE("out of bounds access, len:%{public}d, index: %{public}d, inotify: %{public}zu", + len, index, sizeof(struct inotify_event)); + break; + } + if (event->len > (static_cast(len - index - sizeof(struct inotify_event)))) { + HILOGE("out of bounds access, index: %{public}d, inotify: %{public}zu, " + "event :%{public}u, len: %{public}d", + index, sizeof(struct inotify_event), + event->len, len); + break; + } NotifyEvent(event); index += sizeof(struct inotify_event) + static_cast(event->len); } diff --git a/interfaces/kits/js/src/mod_fs/properties/ani/access_ani.cpp b/interfaces/kits/js/src/mod_fs/properties/ani/access_ani.cpp index 329e11623..41052ff71 100644 --- a/interfaces/kits/js/src/mod_fs/properties/ani/access_ani.cpp +++ b/interfaces/kits/js/src/mod_fs/properties/ani/access_ani.cpp @@ -102,10 +102,10 @@ ani_boolean AccessAni::AccessSync3( auto flagType = OptToAccessFlagType(flagOpt); FsResult fsRet = FsResult::Error(UNKNOWN_ERR); - if (flagOpt == std::nullopt) { - fsRet = AccessCore::DoAccess(pathStr, modeType); - } else { + if (modeType != std::nullopt && flagType != std::nullopt) { fsRet = AccessCore::DoAccess(pathStr, modeType.value(), flagType.value()); + } else { + fsRet = AccessCore::DoAccess(pathStr, modeType); } if (!fsRet.IsSuccess()) { diff --git a/interfaces/kits/js/src/mod_fs/properties/copy_core.cpp b/interfaces/kits/js/src/mod_fs/properties/copy_core.cpp index 45403ca6d..ed94402f2 100644 --- a/interfaces/kits/js/src/mod_fs/properties/copy_core.cpp +++ b/interfaces/kits/js/src/mod_fs/properties/copy_core.cpp @@ -666,6 +666,19 @@ void CopyCore::ReadNotifyEvent(std::shared_ptr infos) } while (infos->run && index < len) { event = reinterpret_cast(buf + index); + if ((len - index) < sizeof(struct inotify_event)) { + HILOGE("out of bounds access, len:%{public}d, index: %{public}lld, inotify: %{public}zu", + len, index, sizeof(struct inotify_event)); + break; + } + if (event->len > (static_cast(len - index - sizeof(struct inotify_event)))) { + HILOGE("out of bounds access, index: %{public}lld, inotify: %{public}zu, " + "event :%{public}u, len: %{public}d", + index, sizeof(struct inotify_event), + event->len, len); + break; + } + auto [needContinue, errCode, needSend] = HandleProgress(event, infos, callback); if (!needContinue) { infos->exceptionCode = errCode; -- Gitee