diff --git a/foundation-common/src/main/java/io/servicecomb/foundation/common/utils/FortifyUtils.java b/foundation-common/src/main/java/io/servicecomb/foundation/common/utils/FortifyUtils.java index 0dd4d800e26..c1993611ede 100644 --- a/foundation-common/src/main/java/io/servicecomb/foundation/common/utils/FortifyUtils.java +++ b/foundation-common/src/main/java/io/servicecomb/foundation/common/utils/FortifyUtils.java @@ -16,43 +16,14 @@ package io.servicecomb.foundation.common.utils; -import java.io.File; -import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; -import java.io.UnsupportedEncodingException; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; -import java.net.URLEncoder; -import java.nio.ByteBuffer; -import java.nio.channels.SeekableByteChannel; -import java.nio.file.FileSystem; -import java.nio.file.FileSystems; -import java.nio.file.Files; -import java.nio.file.LinkOption; -import java.nio.file.OpenOption; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.nio.file.StandardOpenOption; -import java.nio.file.attribute.AclEntry; -import java.nio.file.attribute.AclEntryFlag; -import java.nio.file.attribute.AclEntryType; -import java.nio.file.attribute.BasicFileAttributes; -import java.nio.file.attribute.FileAttribute; -import java.nio.file.attribute.PosixFilePermissions; -import java.nio.file.attribute.UserPrincipal; -import java.nio.file.attribute.UserPrincipalLookupService; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.List; -import java.util.Set; - import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; -import org.apache.commons.io.IOUtils; - /** * 规避fortify问题,仅仅是规避,如 * e.getMessage @@ -62,7 +33,6 @@ * */ public final class FortifyUtils { - private static final int SYMBOLIC_LINK_DEPTH = 5; private static Method getMessageMethod; @@ -122,177 +92,6 @@ public static String getErrorInfo(Throwable e, boolean isPrintMsg) { return error.toString(); } - public static FileAttribute getDefaultFileAttributes(String filePath) { - Path file = new File(filePath).toPath(); - if (isPosix()) { - return PosixFilePermissions.asFileAttribute(FilePerm.getDefaultPosixPerm()); - } else { // for not posix must support ACL, or failed. - String userName = System.getProperty("user.name"); - UserPrincipal user = null; - try { - user = file.getFileSystem().getUserPrincipalLookupService().lookupPrincipalByName(userName); - } catch (IOException e) { - throw new RuntimeException("Unknown user error."); - } - - final AclEntry entry = AclEntry.newBuilder() - .setType(AclEntryType.ALLOW) - .setPrincipal(user) - .setPermissions(FilePerm.getDefaultAclPerm()) - //.setPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.READ_ATTRIBUTES, - // AclEntryPermission.READ_NAMED_ATTRS, AclEntryPermission.READ_ACL) - .setFlags(new AclEntryFlag[] {AclEntryFlag.FILE_INHERIT, AclEntryFlag.DIRECTORY_INHERIT}) - .build(); - - return new FileAttribute>() { - public String name() { - return "acl:acl"; - } /* Windows ACL */ - //public Object value() { ArrayList l = new ArrayList(); l.add(entry); return l; } - - public List value() { - ArrayList l = new ArrayList(); - l.add(entry); - return l; - } - }; - } - } - - public static boolean isPosix() { - return FileSystems.getDefault().supportedFileAttributeViews().contains("posix"); - } - - public static void writeFile(String file, byte[] content) throws IOException { - Set options = new HashSet(); - //options.add(StandardOpenOption.CREATE_NEW); - //options.add(StandardOpenOption.APPEND); - //覆写文件 - options.add(StandardOpenOption.CREATE); - options.add(StandardOpenOption.WRITE); - SeekableByteChannel sbc = null; - try { - FileAttribute fa = getDefaultFileAttributes(file); - ByteBuffer buffer = ByteBuffer.wrap(content); - sbc = Files.newByteChannel(new File(file).toPath(), options, fa); - // write data - sbc.write(buffer); - } finally { - IOUtils.closeQuietly(sbc); - } - } - - public static boolean isInSecureDir(String file) { - return isInSecureDir(new File(file).toPath(), null); - } - - public static boolean isInSecureDir(Path file) { - return isInSecureDir(file, null); - } - - public static boolean isInSecureDir(Path file, UserPrincipal user) { - return isInSecureDir(file, user, SYMBOLIC_LINK_DEPTH); - } - - public static boolean isInSecureDir(Path file, UserPrincipal user, int symlinkDepth) { - if (!file.isAbsolute()) { - file = file.toAbsolutePath(); - } - if (symlinkDepth <= 0) { - // Too many levels of symbolic links - return false; - } - - // Get UserPrincipal for specified user and superuser - Path fileRoot = file.getRoot(); - if (fileRoot == null) { - return false; - } - FileSystem fileSystem = Paths.get(fileRoot.toString()).getFileSystem(); - UserPrincipalLookupService upls = fileSystem.getUserPrincipalLookupService(); - UserPrincipal root = null; - try { - if (isPosix()) { - root = upls.lookupPrincipalByName("root"); - } else { - root = upls.lookupPrincipalByName("Administrators"); - } - - if (user == null) { - user = upls.lookupPrincipalByName(System.getProperty("user.name")); - } - - if (root == null || user == null) { - return false; - } - } catch (IOException x) { - return false; - } - - // If any parent dirs (from root on down) are not secure, - // dir is not secure - for (int i = 1; i <= file.getNameCount(); i++) { - Path fRoot = file.getRoot(); - if (fRoot == null) { - return false; - } - Path partialPath = Paths.get(fRoot.toString(), file.subpath(0, i).toString()); - - try { - if (Files.isSymbolicLink(partialPath)) { - if (!isInSecureDir(Files.readSymbolicLink(partialPath), user, symlinkDepth - 1)) { - // Symbolic link, linked-to dir not secure - return false; - } - } else { - UserPrincipal owner = Files.getOwner(partialPath); - if (!user.equals(owner) && !root.equals(owner)) { - // dir owned by someone else, not secure - return false; - } - } - } catch (IOException x) { - return false; - } - } - - return true; - } - - public static boolean isInSecureResult(Path path) { - try { - if (!isInSecureDir(path)) { - return false; - } - BasicFileAttributes attr = - Files.readAttributes(path, BasicFileAttributes.class, LinkOption.NOFOLLOW_LINKS); - // Check - if (!attr.isRegularFile()) { - return false; - } - } catch (IOException e) { - return false; - } - return true; - } - - public static boolean isRegularFile(String file) { - BasicFileAttributes attr; - try { - attr = Files.readAttributes(new File(file).toPath(), - BasicFileAttributes.class, - LinkOption.NOFOLLOW_LINKS); - } catch (IOException e) { - return false; - } - - if (!attr.isRegularFile()) { - return false; - } - - return true; - } - public static DocumentBuilderFactory getSecurityXmlDocumentFactory() throws ParserConfigurationException { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); @@ -305,18 +104,4 @@ public static DocumentBuilderFactory getSecurityXmlDocumentFactory() throws Pars return factory; } - - public static String getSecurityStr(final String value) { - if (value == null) { - return value; - } - - String encodevalue = value.replaceAll("\t|\r|\n|<|>", ""); - try { - return URLEncoder.encode(encodevalue, "UTF-8"); - } catch (UnsupportedEncodingException e) { - //TODO this need to be fixed - return encodevalue; - } - } } diff --git a/foundation-common/src/test/java/io/servicecomb/foundation/common/utils/TestFortifyUtils.java b/foundation-common/src/test/java/io/servicecomb/foundation/common/utils/TestFortifyUtils.java index 97371c36c86..3b36df9a1e9 100644 --- a/foundation-common/src/test/java/io/servicecomb/foundation/common/utils/TestFortifyUtils.java +++ b/foundation-common/src/test/java/io/servicecomb/foundation/common/utils/TestFortifyUtils.java @@ -21,37 +21,21 @@ import java.io.File; import java.io.IOException; -import java.net.URLEncoder; import java.nio.file.Files; import java.nio.file.LinkOption; import java.nio.file.Path; import java.nio.file.attribute.BasicFileAttributes; -import java.nio.file.attribute.UserPrincipal; - +import mockit.MockUp; import org.junit.Assert; import org.junit.Test; -import mockit.Mock; -import mockit.MockUp; - public class TestFortifyUtils { - public static final String FILE_PATH = "target/testfile"; - @SuppressWarnings("deprecation") @Test public void testFortifyUtils() throws IOException { - Assert.assertNotEquals(null, FortifyUtils.getDefaultFileAttributes(FILE_PATH)); - FortifyUtils.writeFile(FILE_PATH, (new String("testSomething").getBytes())); - Assert.assertEquals(true, (FortifyUtils.isInSecureDir(FILE_PATH))); - Assert.assertEquals(true, (FortifyUtils.isInSecureDir(new File(FILE_PATH).toPath()))); - Assert.assertEquals(true, FortifyUtils.isInSecureResult(new File(FILE_PATH).toPath())); - Assert.assertEquals(true, FortifyUtils.isRegularFile(FILE_PATH)); - Assert.assertEquals(URLEncoder.encode(FILE_PATH), FortifyUtils.getSecurityStr(FILE_PATH)); Assert.assertEquals("", FortifyUtils.getErrorMsg(null)); Assert.assertEquals("", FortifyUtils.getErrorStack(null)); - Assert.assertEquals(null, FortifyUtils.getSecurityStr(null)); - } @Test @@ -71,80 +55,6 @@ public void testGetErrorMsg() { assertNull(FortifyUtils.getErrorMsg(e)); } - @Test - public void testGetDefaultFileAttributes() { - - String filePath = "/foundation-common/src/test/resources/config/test.1.properties"; - - new MockUp() { - - @Mock - public boolean isPosix() { - return true; - } - }; - - FortifyUtils.getDefaultFileAttributes(filePath); - Assert.assertNotEquals(null, FortifyUtils.getDefaultFileAttributes(filePath)); - - } - - @Test - public void testGetDefaultFileAttribute() { - - String filePath = "/foundation-common/src/test/resources/config/test.1.properties"; - - new MockUp() { - - @Mock - public boolean isPosix() { - return false; - } - }; - - FortifyUtils.getDefaultFileAttributes(filePath); - Assert.assertNotEquals(null, FortifyUtils.getDefaultFileAttributes(filePath)); - } - - @Test - public void testIsInSecureDir() { - - Path file = new File("src/test/resources/config/test.1.properties").toPath(); - UserPrincipal user = null; - int symlinkDepth = 5; - FortifyUtils.isInSecureDir(file, user, symlinkDepth); - Assert.assertNotEquals(false, FortifyUtils.isInSecureDir(file, user, symlinkDepth)); - - } - - @Test - public void testIsInSecureDirSymLink() { - - Path file = new File("src/test/resources/config/test.1.properties").toPath(); - UserPrincipal user = null; - int symlinkDepth = 0; - - FortifyUtils.isInSecureDir(file, user, symlinkDepth); - Assert.assertNotEquals(true, FortifyUtils.isInSecureDir(file, user, symlinkDepth)); - } - - @Test - public void testIsInSecureResult() { - - Path file = new File("src/test/resources/config/test.1.properties").toPath(); - - new MockUp() { - - @SuppressWarnings("unused") - public boolean isInSecureDir(Path file, UserPrincipal user, int symlinkDepth) { - return false; - } - }; - FortifyUtils.isInSecureResult(file); - Assert.assertNotEquals(false, FortifyUtils.isInSecureResult(file)); - - } - @Test public void testGetSecurityXmlDocumentFactory() { @@ -163,33 +73,12 @@ public void testReadAttributes() { Path file = new File("src/test/resources/config/test.1.properties").toPath(); - new MockUp() { - - @SuppressWarnings("unused") - public boolean isInSecureDir(Path file) { - return true; - } - }; - try { Files.readAttributes(file, BasicFileAttributes.class, LinkOption.NOFOLLOW_LINKS); } catch (IOException e) { // TODO Auto-generated catch block Assert.assertTrue(false); } - - FortifyUtils.isInSecureResult(file); - Assert.assertNotEquals(false, FortifyUtils.isInSecureResult(file)); - - } - - @Test - public void testIsRegularFile() { - - String file = "abc"; - FortifyUtils.isRegularFile(file); - Assert.assertNotEquals(true, FortifyUtils.isRegularFile(file)); - } @Test @@ -198,7 +87,6 @@ public void testGetErrorStack() { Throwable e = new Throwable(); FortifyUtils.getErrorStack(e); Assert.assertNotEquals(true, FortifyUtils.getErrorStack(e)); - } @Test @@ -207,6 +95,5 @@ public void testGetErrorInfo() { Throwable e = new Throwable(); FortifyUtils.getErrorInfo(e, true); Assert.assertNotEquals(true, FortifyUtils.getErrorInfo(e, true)); - } }