fix: 修复运维管理:数据库和部署管理中存在任意文件上传和删除漏洞,添加非法文件名过滤

close https://github.com/elunez/eladmin/issues/851
pull/872/head
Jie Zheng 2025-01-15 10:30:39 +08:00
parent 5a3786bd03
commit 008181b079
2 changed files with 15 additions and 11 deletions


@ -111,8 +111,8 @@ public class DatabaseController {
DatabaseDto database = databaseService.findById(id);
String fileName;
if(database != null){
fileName = file.getOriginalFilename();
File executeFile = new File(fileSavePath+fileName);
fileName = FileUtil.verifyFilename(file.getOriginalFilename());
File executeFile = new File(fileSavePath + fileName);
FileUtil.del(executeFile);
file.transferTo(executeFile);
String result = SqlUtils.executeFile(database.getJdbcUrl(), database.getUserName(), database.getPwd(), executeFile);
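Review bot: The new `fileName = FileUtil.verifyFilename(file.getOriginalFilename());` line is the only thing standing between the client-supplied name and both `FileUtil.del(executeFile)` and `file.transferTo(executeFile)`, yet `verifyFilename` is not in this hunk, so whether it throws, strips separators, or returns null on a bad name cannot be confirmed from here. Since `new File(fileSavePath + fileName)` still concatenates strings, I would add a containment check on the resolved path before the delete, so that neither the deletion nor the write can leave the upload directory regardless of the helper's exact contract (this needs `java.nio.file.Path`/`Paths` imports). The same shape appears in DeployController's upload handler (`File deployFile = new File(fileSavePath + fileName);`) and should get the same check ahead of its `FileUtil.del(deployFile)`. The enclosing method starts and ends outside this hunk.
```java
fileName = FileUtil.verifyFilename(file.getOriginalFilename());
// Resolve against the configured directory and refuse anything that escapes it,
// before whatever sits at that path is deleted or overwritten.
Path base = Paths.get(fileSavePath).toAbsolutePath().normalize();
Path target = base.resolve(fileName).normalize();
if (!target.startsWith(base) || target.equals(base)) {
    throw new IllegalArgumentException("Illegal file name: " + fileName);
}
File executeFile = target.toFile();
FileUtil.del(executeFile);
// … unchanged: transferTo and SqlUtils.executeFile call …
```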


@ -18,6 +18,7 @@ package me.zhengjie.modules.mnt.rest;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import me.zhengjie.annotation.Log;
import me.zhengjie.modules.mnt.domain.Deploy;
import me.zhengjie.modules.mnt.domain.DeployHistory;
@ -39,13 +40,13 @@ import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
/**
* @author zhanghouying
* @date 2019-08-24
*/
@Slf4j
@RestController
@Api(tags = "运维:部署管理")
@RequiredArgsConstructor
@ -105,21 +106,21 @@ public class DeployController {
Long id = Long.valueOf(request.getParameter("id"));
String fileName = "";
if(file != null){
fileName = file.getOriginalFilename();
File deployFile = new File(fileSavePath+fileName);
fileName = FileUtil.verifyFilename(file.getOriginalFilename());
File deployFile = new File(fileSavePath + fileName);
FileUtil.del(deployFile);
file.transferTo(deployFile);
//文件下一步要根据文件名字来
deployService.deploy(fileSavePath+fileName ,id);
deployService.deploy(fileSavePath + fileName ,id);
}else{
System.out.println("没有找到相对应的文件");
log.warn("没有找到相对应的文件");
}
System.out.println("文件上传的原名称为:"+ Objects.requireNonNull(file).getOriginalFilename());
Map<String,Object> map = new HashMap<>(2);
map.put("errno",0);
map.put("error",0);
map.put("id",fileName);
return new ResponseEntity<>(map,HttpStatus.OK);
}
@Log("系统还原")
@ApiOperation(value = "系统还原")
@PostMapping(value = "/serverReduction")
@ -128,6 +129,7 @@ public class DeployController {
String result = deployService.serverReduction(resources);
return new ResponseEntity<>(result,HttpStatus.OK);
}
@Log("服务运行状态")
@ApiOperation(value = "服务运行状态")
@PostMapping(value = "/serverStatus")
@ -136,6 +138,7 @@ public class DeployController {
String result = deployService.serverStatus(resources);
return new ResponseEntity<>(result,HttpStatus.OK);
}
@Log("启动服务")
@ApiOperation(value = "启动服务")
@PostMapping(value = "/startServer")
@ -144,6 +147,7 @@ public class DeployController {
String result = deployService.startServer(resources);
return new ResponseEntity<>(result,HttpStatus.OK);
}
@Log("停止服务")
@ApiOperation(value = "停止服务")
@PostMapping(value = "/stopServer")