From 6e2885186337613fd649dee315d7fac7388e39a5 Mon Sep 17 00:00:00 2001 From: wangjianqiang Date: Tue, 26 Jul 2022 15:09:35 +0800 Subject: [PATCH] =?UTF-8?q?Uri=E6=A0=A1=E9=AA=8C=E5=89=8D=E7=A7=BB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wangjianqiang --- .../file_access/include/file_access_helper.h | 1 + .../file_access/src/file_access_helper.cpp | 73 +++++++++++++++++++ 2 files changed, 74 insertions(+) diff --git a/frameworks/innerkits/file_access/include/file_access_helper.h b/frameworks/innerkits/file_access/include/file_access_helper.h index 3acf6103..cf8cfcd9 100644 --- a/frameworks/innerkits/file_access/include/file_access_helper.h +++ b/frameworks/innerkits/file_access/include/file_access_helper.h @@ -61,6 +61,7 @@ private: const AAFwk::Want &want, const sptr &fileAccessExtProxy); void AddFileAccessDeathRecipient(const sptr &token); void OnSchedulerDied(const wptr &remote); + bool CheckOhosUri(const Uri &uri); sptr token_ = {}; AAFwk::Want want_ = {}; diff --git a/frameworks/innerkits/file_access/src/file_access_helper.cpp b/frameworks/innerkits/file_access/src/file_access_helper.cpp index 958a1fd1..f49fee93 100644 --- a/frameworks/innerkits/file_access/src/file_access_helper.cpp +++ b/frameworks/innerkits/file_access/src/file_access_helper.cpp @@ -22,6 +22,11 @@ namespace OHOS { namespace FileAccessFwk { +namespace { + const std::string SCHEME_FILEACCESS = "fileAccess"; + const std::string SCHEME_DATASHARE = "datashare"; +} + FileAccessHelper::FileAccessHelper(const std::shared_ptr &context, const AAFwk::Want &want, const sptr &fileAccessExtProxy) { @@ -117,6 +122,25 @@ std::shared_ptr FileAccessHelper::Creator( return std::shared_ptr(ptrFileAccessHelper); } +bool FileAccessHelper::CheckOhosUri(const Uri &uri) +{ + Uri checkUri(uri.ToString()); + if (!(checkUri.GetScheme() == SCHEME_FILEACCESS || checkUri.GetScheme() == SCHEME_DATASHARE)) { + return false; + } + + std::vector segments; + checkUri.GetPathSegments(segments); + if (segments.empty()) { + return false; + } + + if (checkUri.GetPath() == "") { + return false; + } + return true; +} + bool FileAccessHelper::Release() { if (fileAccessExtConnection_ == nullptr) { @@ -156,6 +180,12 @@ int FileAccessHelper::OpenFile(Uri &uri, int flags) { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "OpenFile"); int fd = ERR_ERROR; + + if (!CheckOhosUri(uri)) { + HILOG_ERROR("OpenFile checkOhoUri failed"); + return fd; + } + if (!GetProxy()) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); @@ -171,6 +201,12 @@ int FileAccessHelper::CreateFile(Uri &parent, const std::string &displayName, Ur { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "CreateFile"); int index = ERR_ERROR; + + if (!CheckOhosUri(parent)) { + HILOG_ERROR("CreateFile checkOhoUri failed"); + return index; + } + if (!GetProxy()) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); @@ -186,6 +222,12 @@ int FileAccessHelper::Mkdir(Uri &parent, const std::string &displayName, Uri &ne { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "Mkdir"); int index = ERR_ERROR; + + if (!CheckOhosUri(parent)) { + HILOG_ERROR("Mkdir checkOhoUri failed"); + return index; + } + if (fileAccessExtProxy_ == nullptr) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); @@ -201,6 +243,12 @@ int FileAccessHelper::Delete(Uri &selectFile) { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "Delete"); int index = ERR_ERROR; + + if (!CheckOhosUri(selectFile)) { + HILOG_ERROR("Delete checkOhoUri failed"); + return index; + } + if (!GetProxy()) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); @@ -216,6 +264,19 @@ int FileAccessHelper::Move(Uri &sourceFile, Uri &targetParent, Uri &newFile) { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "Move"); int index = ERR_ERROR; + + Uri sourceFileUri(sourceFile.ToString()); + Uri targetParentUri(targetParent.ToString()); + if (sourceFileUri.GetScheme() != targetParentUri.GetScheme()) + { + return index; + } + + if (!(CheckOhosUri(sourceFile) && CheckOhosUri(targetParent))) { + HILOG_ERROR("Move checkOhoUri failed"); + return index; + } + if (!GetProxy()) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); @@ -231,6 +292,12 @@ int FileAccessHelper::Rename(Uri &sourceFile, const std::string &displayName, Ur { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "Rename"); int index = ERR_ERROR; + + if (!CheckOhosUri(sourceFile)) { + HILOG_ERROR("Rename checkOhoUri failed"); + return index; + } + if (!GetProxy()) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); @@ -246,6 +313,12 @@ std::vector FileAccessHelper::ListFile(Uri &sourceFile) { StartTrace(HITRACE_TAG_FILEMANAGEMENT, "ListFile"); std::vector results; + + if (!CheckOhosUri(sourceFile)) { + HILOG_ERROR("ListFile checkOhoUri failed"); + return results; + } + if (!GetProxy()) { HILOG_ERROR("failed with invalid fileAccessExtProxy_"); FinishTrace(HITRACE_TAG_FILEMANAGEMENT); -- Gitee