From 376d211f6117bea8e12440fcffe4a932a4c5e058 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=BB=BB=E6=9D=B0?= <renjie84@huawei.com>
Date: Mon, 14 Oct 2024 11:01:53 +0800
Subject: [PATCH] Issue:#IAWVA5 Description: try catch on reg_match for
 security Sig: SIG_ApplicaitonFramework Feature or Bugfix: Bugfix Binary
 Source: No Signed-off-by: renjie84  renjie84@huawei.com
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 任杰 <renjie84@huawei.com>
---
 interfaces/innerkits/appverify/BUILD.gn          |  2 ++
 .../appverify/src/verify/hap_verify_v2.cpp       | 16 ++++++++++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/interfaces/innerkits/appverify/BUILD.gn b/interfaces/innerkits/appverify/BUILD.gn
index d1918f6..19b15c9 100644
--- a/interfaces/innerkits/appverify/BUILD.gn
+++ b/interfaces/innerkits/appverify/BUILD.gn
@@ -17,6 +17,7 @@ if (os_level == "standard") {
   config("libhapverify_config") {
     visibility = [ ":*" ]
     include_dirs = [ "include" ]
+    configs = [ "//build/config/compiler:exceptions" ]
   }
 
   ohos_shared_library("libhapverify") {
@@ -60,6 +61,7 @@ if (os_level == "standard") {
     cflags_cc = [
       "-DHILOG_ENABLE",
       "-fvisibility=hidden",
+      "-fexceptions",
     ]
 
     deps = []
diff --git a/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp b/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp
index 829f35b..89a2a4e 100644
--- a/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp
+++ b/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp
@@ -67,10 +67,18 @@ bool HapVerifyV2::CheckFilePath(const std::string& filePath, std::string& standa
         return false;
     }
     standardFilePath = std::string(path);
-    if (!std::regex_match(standardFilePath, std::regex(HAP_APP_PATTERN)) &&
-        !std::regex_match(standardFilePath, std::regex(HSP_APP_PATTERN)) &&
-        !std::regex_match(standardFilePath, std::regex(HQF_APP_PATTERN))) {
-        HAPVERIFY_LOG_ERROR("file is not hap, hsp or hqf package");
+    try {
+        if (!std::regex_match(standardFilePath, std::regex(HAP_APP_PATTERN)) &&
+            !std::regex_match(standardFilePath, std::regex(HSP_APP_PATTERN)) &&
+            !std::regex_match(standardFilePath, std::regex(HQF_APP_PATTERN))) {
+            HAPVERIFY_LOG_ERROR("file is not hap, hsp or hqf package");
+            return false;
+        }
+    } catch(const std::regex_error& e) {
+        HAPVERIFY_LOG_ERROR("regex match error");
+        return false;
+    } catch(...) {
+        HAPVERIFY_LOG_ERROR("unexpected error");
         return false;
     }
     return true;
-- 
Gitee