From f5168ec537b7ddb25e344ab83b22f986f49f6bd6 Mon Sep 17 00:00:00 2001
From: lixin
Date: Mon, 11 Mar 2024 17:22:44 +0800
Subject: [PATCH] fix CVE-2024-24892

---
 0001-CVE-2024-24892.patch | 84 +++++++++++++++++++++++++++++++++++++++
 migration-tools.spec | 23 +++++++++--
 2 files changed, 103 insertions(+), 4 deletions(-)
 create mode 100644 0001-CVE-2024-24892.patch

diff --git a/0001-CVE-2024-24892.patch b/0001-CVE-2024-24892.patch
new file mode 100644
index 0000000..4c3c050
--- /dev/null
+++ b/0001-CVE-2024-24892.patch
@@ -0,0 +1,84 @@
+From 05dfcb577a562be97b868e65ff502ea8e61cd893 Mon Sep 17 00:00:00 2001
+From: lixin
+Date: Mon, 11 Mar 2024 17:10:52 +0800
+Subject: [PATCH] CVE-2024-24892
+
+---
+ ut-Migration-tools/index.py | 49 +++++++++++++++++++++++--------------
+ 1 file changed, 31 insertions(+), 18 deletions(-)
+
+diff --git a/ut-Migration-tools/index.py b/ut-Migration-tools/index.py
+index 635c5ac..fa9e3fb 100644
+--- a/ut-Migration-tools/index.py
++++ b/ut-Migration-tools/index.py
+@@ -3,6 +3,7 @@
+ import os
+ import sys
+ import json
++import paramiko
+ from func import share
+ from views import migration
+ 
+@@ -218,29 +219,41 @@ def MT_export_migration_reports():
+ :return:
+ """
+ mod = check_methods()
+- f = open("/usr/lib/migration-tools-server/.passwd.txt","r")
+- password = f.read()
+- f.close()
+ if mod:
+ data = request.get_data()
+ json_data = json.loads(data)
+- mkdir_log_pwd = "/var/uos-migration/"
+- isExists=os.path.exists(mkdir_log_pwd)
+- if not isExists:
+- try:
+- os.makedirs(mkdir_log_pwd)
+- print(mkdir_log_pwd)
+- except:
+- print("export report mkdir error:%s" % mkdir_log_pwd)
+-
++ user = json_data.get('info').split("|")[0]
+ info = mod.split(',')
+- scp_log = "sshpass -p '%s'" % password + " scp -r %s" % json_data.get('info').split("|")[0] + "@%s" % info[1] \
+- + ":/var/tmp/uos-migration/UOS*.tar.gz /var/uos-migration/"
++ ip = info[1].strip('"')
++ port = 22
++ with open("/usr/lib/migration-tools-server/.passwd.txt", "r") as f:
++ password = f.read()
++
++ remote_dir = local_dir = "/var/tmp/uos-migration"
++ if not os.path.exists(local_dir):
++ os.makedirs(local_dir)
++
++ client = paramiko.SSHClient()
++ client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+ try:
+- os.system(scp_log)
+- print(scp_log)
+- except:
+- print('export report scp error:%s' % scp_log)
++ client.connect(ip, port, user, password)
++ sftp = client.open_sftp()
++
++ remote_files = sftp.listdir(remote_dir)
++ # 遍历远程文件列表
++ for filename in remote_files:
++ if filename.endswith('.tar.gz'):
++ remote_file_path = os.path.join(remote_dir, filename)
++ local_file_path = os.path.join(local_dir, filename)
++ sftp.get(remote_file_path, local_file_path)
++
++ except Exception as e:
++ print(f"Error: {e}")
++
++ finally:
++ # 关闭连接
++ if client:
++ client.close()
+ return Response(mod, content_type='application/json')
+ 
+ 
+-- 
+2.33.0
+
diff --git a/migration-tools.spec b/migration-tools.spec
index 8a0132e..40e5223 100644
--- a/migration-tools.spec
+++ b/migration-tools.spec
@@ -1,12 +1,16 @@
 Name: migration-tools
 Version: 1.0.0
-Release: 4
+Release: 6
 Summary: A tool to help users migrate the Centos system to the UOS system and openEuler system
 License: MulanPSL-2.0
 Source0: ut-Migration-tools.tar.gz
 Patch0: 0001-fix-export-error-and-no-migration-details-issue.patch
 Patch1: 0002-fix-uefi-boot-failed.patch
 Patch2: 0003-modify-grub-rules-to-match-NIC-name.patch
+
+# CVE patches: >= 100
+Patch100: 0001-CVE-2024-24892.patch
+
 BuildArch: noarch
 %description
 UOS Migration Software
@@ -27,9 +31,12 @@ Migration software server side %prep %setup -c -%patch 0 -p1 -%patch 1 -p1 -%patch 2 -p1 +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 + +# cve patches +%patch100 -p1 %install rm -rf %{buildroot}
@@ -65,6 +72,14 @@ rm -rf /usr/lib/systemd/system/migration-tools-server.service /usr/lib/migration-tools-server %changelog +* Mon Mar 11 2024 lixin - 1.0.0-6 +- fix : CVE-2024-24892 +- use paramiko instead of sshpass to export migration log +- and data + +* Fri Dec 08 2023 lixin - 1.0.0-5 +- rebuild: modify patch number to adapt 22.03-lts-sp3 + * Wed Sep 06 2023 lixin - 1.0.0-4 - fix: fix uefi boot failed - fix: modify grub rules to match NIC name after migration
-- Gitee
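Review bot: `client.set_missing_host_key_policy(paramiko.AutoAddPolicy())` accepts whatever host key the peer at `ip` presents, so the credential read from `.passwd.txt` is handed to any host that answers on that address and the SFTP session has no protection against a substituted server; the patch closes the `os.system` shell-string path but leaves this gap. Prefer `client.load_system_host_keys()` followed by `client.set_missing_host_key_policy(paramiko.RejectPolicy())`, with the peer's key provisioned out of band. The entries returned by `sftp.listdir(remote_dir)` are joined straight into `local_dir`, so a name containing path separators would be written outside `/var/tmp/uos-migration`; add `if filename != os.path.basename(filename): continue` before the `.tar.gz` check. Also note that the local destination moves from `/var/uos-migration/` to `/var/tmp/uos-migration` and that `except Exception as e: print(...)` swallows a failed transfer while `Response(mod, ...)` is still returned as success — confirm both are intended, since neither is mentioned in the commit message. `MT_export_migration_reports` begins before the hunk; only its tail is visible here.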
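Review bot: The hunk registers `Patch100: 0001-CVE-2024-24892.patch`, which makes index.py `import paramiko`, but no runtime dependency is declared alongside it, so the package can install on a host without paramiko and the import then fails when the server starts. Unless a `Requires:` for it already exists outside the hunk, add `Requires: python3-paramiko` (using the distribution's package name for paramiko) to the subpackage that ships index.py. The `%patch100 -p1` line in the `%prep` hunk is consistent with this registration, so nothing further is needed there.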