From 96ccda8fecce548ca4b9041967aa99a9640a960e Mon Sep 17 00:00:00 2001
From: 田源 <tianyuan@vci-tech.com>
Date: 星期二, 21 一月 2025 16:17:20 +0800
Subject: [PATCH] 分类码段取消校验
---
Source/UBCS/ubcs-service/ubcs-deploy/src/main/java/com/vci/ubcs/deploy/service/impl/DeployAppsServiceImpl.java | 70 ++++++++++++++++++++++++----------
1 files changed, 49 insertions(+), 21 deletions(-)
diff --git a/Source/UBCS/ubcs-service/ubcs-deploy/src/main/java/com/vci/ubcs/deploy/service/impl/DeployAppsServiceImpl.java b/Source/UBCS/ubcs-service/ubcs-deploy/src/main/java/com/vci/ubcs/deploy/service/impl/DeployAppsServiceImpl.java
index 6ac5349..676068a 100644
--- a/Source/UBCS/ubcs-service/ubcs-deploy/src/main/java/com/vci/ubcs/deploy/service/impl/DeployAppsServiceImpl.java
+++ b/Source/UBCS/ubcs-service/ubcs-deploy/src/main/java/com/vci/ubcs/deploy/service/impl/DeployAppsServiceImpl.java
@@ -8,7 +8,6 @@
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.baomidou.mybatisplus.extension.toolkit.SqlHelper;
-import com.vci.ubcs.deploy.entity.CmdConfig;
import com.vci.ubcs.deploy.entity.DeployApps;
import com.vci.ubcs.deploy.enumpack.CmdConfigEnum;
import com.vci.ubcs.deploy.mapper.DeployAppsMapper;
@@ -17,10 +16,8 @@
import com.vci.ubcs.starter.util.HttpUtils;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
-import org.springblade.core.secure.utils.AuthUtil;
import org.springblade.core.tool.api.R;
import org.springblade.core.tool.utils.Func;
-import org.springblade.core.tool.utils.WebUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.client.ServiceInstance;
@@ -28,12 +25,8 @@
import org.springframework.context.EnvironmentAware;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.ServletRequest;
@@ -48,10 +41,8 @@
import java.time.format.DateTimeFormatter;
import java.util.*;
import java.util.stream.Collectors;
-import java.util.stream.Stream;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
-import java.util.zip.ZipInputStream;
/**
* @author ludc
@@ -199,8 +190,12 @@
* @throws ServiceException
*/
@Override
- public boolean saveOrUpdateServiceInfo(DeployAppsVO deployAppsVO) throws ServiceException {
- return this.saveOrUpdate(deployAppsVO);
+ public R saveOrUpdateServiceInfo(DeployAppsVO deployAppsVO) throws ServiceException {
+ boolean checkBoolean = checkCmdVer(deployAppsVO.getStartCmd()) && checkCmdVer(deployAppsVO.getStopCmd()) && checkCmdVer(deployAppsVO.getRestartCmd());
+ if(checkBoolean){
+ return R.fail("閰嶇疆鐨勫懡浠や腑鍖呭惈鍗遍櫓鍛戒护锛屽锛歳m銆乵v銆乺m -rf銆乧hmod绛夊懡浠ゅ拰鍏抽敭瀛楋紒 ");
+ }
+ return R.status(this.saveOrUpdate(deployAppsVO));
}
/**
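Review bot: The new guard in saveOrUpdateServiceInfo joins the three `checkCmdVer` calls with `&&`, so a configuration is rejected only when the start, stop and restart commands all contain a listed keyword. Since `checkCmdVer` returns true for a risky command, a single flagged command next to two clean ones is still saved. The condition should be `checkCmdVer(deployAppsVO.getStartCmd()) || checkCmdVer(deployAppsVO.getStopCmd()) || checkCmdVer(deployAppsVO.getRestartCmd())`, and a name such as `hasRiskyCmd` would read better than `checkBoolean`. The return type also changes from `boolean` to `R` under `@Override`, so the service interface and its callers presumably need the same change; they are not part of this patch.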
@@ -228,7 +223,7 @@
* @return
*/
@Override
- public R importClassify(MultipartFile[] files, String serverName) throws ServiceException {
+ public R importJarUpdate(MultipartFile[] files, String serverName) throws ServiceException {
// 鏍规嵁鏈嶅姟鍚嶆煡鐪嬪埌鏈嶅姟鐩稿叧淇℃伅
List<DeployApps> deployAppsDB = deployAppsMapper.selectList(Wrappers.<DeployApps>query().lambda().eq(DeployApps::getServerName, serverName));
if(deployAppsDB.isEmpty()){
@@ -297,7 +292,7 @@
file1.delete();
}
}
- String output = excute(deployAppsDB.get(0),"UP");
+ String output = execute(deployAppsDB.get(0),"UP");
return R.success(output.toString());
} catch (IOException e) {
e.printStackTrace();
@@ -320,7 +315,7 @@
if(deployAppsDB.isEmpty()){
return R.fail("鍛戒护鎵ц鍑洪敊锛屽簱涓湭鎵惧埌"+ deployAppsVO.getName() +"鏈嶅姟鐩稿叧閰嶇疆锛�" );
}
- excuteRes = excute(deployAppsDB.get(0),deployAppsVO.getStatus());
+ excuteRes = execute(deployAppsDB.get(0),deployAppsVO.getStatus());
return R.success("鍛戒护鎵ц缁撴潫锛�"+excuteRes);
}catch (Exception e){
throw new ServiceException(e.getMessage());
@@ -333,7 +328,7 @@
* @return
* @throws ServiceException
*/
- private String excute(DeployApps deployApps,String type) throws ServiceException {
+ public String execute(DeployApps deployApps,String type) throws ServiceException {
// 澶勭悊涓婁紶鏂囦欢鐨勯�昏緫
StringBuilder output = new StringBuilder();
try {
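Review bot: `execute` is widened from `private` to `public` here without a stated reason, and it is the method that starts an OS process from the stored command string. If no caller outside this class needs it, keep it `private`, so that the only ways in remain the service methods that look up the `DeployApps` row first. If it has to be public, the Javadoc above it should say who may call it and that the command is taken from the passed `DeployApps` object as-is. The method body continues outside this hunk.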
@@ -346,27 +341,42 @@
if(Func.isEmpty(cmd)){
return "The executed command is empty";
}
+ if(checkCmdVer(cmd)){
+ return "閰嶇疆鐨勫懡浠や腑鍖呭惈鍗遍櫓鍛戒护锛屽锛歳m銆乵v銆乺m -rf銆乧hmod绛夊懡浠ゅ拰鍏抽敭璇嶏紒 ";
+ }
// 鎵цLinux鍛戒护
log.info("寮�濮嬫墽琛屽懡浠わ細"+cmd);
- Process process = Runtime.getRuntime().exec(cmd);
+ // Process process = Runtime.getRuntime().exec(cmd);
+ ProcessBuilder processBuilder = new ProcessBuilder(cmd.split("\\s"));
+ // processBuilder.command(cmd);
+ Process process = processBuilder.start();
+ // 绛夊緟鍛戒护鎵ц瀹屾垚
+ int exitCode = process.waitFor();
+
+ InputStream inputStream = process.getInputStream();
+ OutputStream outputStream = process.getOutputStream();
+ InputStream errorStream = process.getErrorStream();
// 璇诲彇鍛戒护鎵ц缁撴灉
- BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
+ BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
String line;
while ((line = reader.readLine()) != null) {
output.append(line).append("\n");
}
- // 绛夊緟鍛戒护鎵ц瀹屾垚
- int exitCode = process.waitFor();
+ reader.close();
+
// 璇诲彇鍛戒护鎵ц鐨勯敊璇緭鍑烘祦
- BufferedReader errorReader = new BufferedReader(new InputStreamReader(process.getErrorStream()));
+ BufferedReader errorReader = new BufferedReader(new InputStreamReader(errorStream));
StringBuilder errorOutput = new StringBuilder();
String errorLine;
while ((errorLine = errorReader.readLine()) != null) {
errorOutput.append(errorLine).append("\n");
}
String errorOutputString = errorOutput.toString();
+ errorReader.close();
+
log.info("閿欒杈撳嚭锛�" + errorOutputString);
- log.info("鍛戒护鎵ц缁撴灉锛�" + output.toString()+":"+exitCode);
+ int exitValue = process.exitValue();
+ log.info("鍛戒护鎵ц缁撴灉锛�" + output.toString()+":"+exitCode+","+exitValue);
return output.toString();
}catch (IOException | InterruptedException e){
e.printStackTrace();
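Review bot: `process.waitFor()` now runs before stdout and stderr are read, so a command that writes more than the OS pipe buffer holds blocks on its write while this thread blocks in `waitFor`, and the request hangs. Drain the output first and wait afterwards: add `processBuilder.redirectErrorStream(true);` before `start()` and move `int exitCode = process.waitFor();` back below the read loop, preferably using the timed `waitFor(long, TimeUnit)` overload. Separately, `cmd.split("\\s")` produces empty arguments on repeated whitespace and ignores quoting; `cmd.trim().split("\\s+")` fixes the first of these. The unused `outputStream` local and the later `exitValue` (always equal to `exitCode`) can be dropped. The catch block and the end of `execute` lie outside this hunk.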
@@ -414,4 +424,22 @@
return "8080";
}
+ /**
+ * 鍚姩銆佸仠姝€�侀噸鍚懡浠ゆ牎楠�
+ * @param cmd
+ * @return true: 鍖呭惈楂橀闄╁懡浠わ紝 false锛氫笉鍖呭惈
+ */
+ private boolean checkCmdVer(String cmd){
+ if(Func.isEmpty(cmd)){
+ return false;
+ }
+ String[] highRiskCommands = {"rm", "rmdir", "mv", "unlink", "rm -rf", "mv -rf", "dd", "chmod", "chown", "mkfs", "shutdown", "reboot", "kill"};
+ for(String highRiskCmd : highRiskCommands){
+ if(cmd.contains(highRiskCmd)){
+ return true;
+ }
+ }
+ return false;
+ }
+
}
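Review bot: `cmd.contains(highRiskCmd)` in checkCmdVer matches substrings, so any command line that merely contains `rm`, `dd` or `mv` is rejected (constructed examples: a path under a `firmware` directory, a JVM `--add-opens` flag). A fixed denylist also cannot enumerate every destructive program, and the entries `rm -rf` and `mv -rf` are already covered by `rm` and `mv`. For a service that runs stored commands, an allowlist of the executables or script paths it is meant to launch, checked against the first token, is the more reliable control. If the denylist stays, compare whole tokens by executable name as sketched below, and give the `@param cmd` tag a description.

```java
private boolean checkCmdVer(String cmd){
	if(Func.isEmpty(cmd)){
		return false;
	}
	// Compare whole tokens by executable name instead of substrings of the command line.
	Set<String> highRiskCommands = new HashSet<>(Arrays.asList(
		"rm", "rmdir", "mv", "unlink", "dd", "chmod", "chown", "mkfs", "shutdown", "reboot", "kill"));
	for(String token : cmd.trim().split("\\s+")){
		// Strip any directory prefix so /bin/rm is treated like rm.
		String name = token.substring(token.lastIndexOf('/') + 1);
		if(highRiskCommands.contains(name)){
			return true;
		}
	}
	return false;
}
```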
--
Gitblit v1.9.3