From 75f928aebc25477ba1c6704d78a8d9bed0a7fa88 Mon Sep 17 00:00:00 2001 From: yqhan Date: Tue, 30 Apr 2024 14:49:53 +0800 Subject: [PATCH] Add the rule for worker path. issue: https://gitee.com/openharmony/arkui_napi/issues/I9KQA0 Signed-off-by: yqhan --- .../common/helper/path_helper.h | 29 +++++++++++++++++++ js_concurrent_module/worker/worker.cpp | 14 +++++++-- 2 files changed, 40 insertions(+), 3 deletions(-) diff --git a/js_concurrent_module/common/helper/path_helper.h b/js_concurrent_module/common/helper/path_helper.h index 016f57e..6190cc4 100644 --- a/js_concurrent_module/common/helper/path_helper.h +++ b/js_concurrent_module/common/helper/path_helper.h @@ -20,19 +20,48 @@ #include #include "native_engine/native_engine.h" +#include "tools/log.h" namespace Commonlibrary::Concurrent::Common::Helper { class PathHelper { public: static constexpr char PREFIX_BUNDLE[] = "@bundle:"; + static constexpr char PREFIX_PAG[] = "@package:"; static constexpr char DOUBLE_POINT_TAG[] = ".."; static constexpr char NAME_SPACE_TAG = '@'; static constexpr char POINT_TAG[] = "."; static constexpr char SLASH_TAG = '/'; + static constexpr char PAG_TAG[] = "pkg_modules"; static constexpr char EXT_NAME_ETS[] = ".ets"; static constexpr char EXT_NAME_TS[] = ".ts"; static constexpr char EXT_NAME_JS[] = ".js"; + static bool CheckWorkerPath(napi_env env, std::string script, bool isHar, bool isRelativePath) + { + std::string ohmurl = ""; + std::string moduleName = ""; + std::string bundleName = ""; + if (script.find(PAG_TAG) == 0 || script.find(NAME_SPACE_TAG) != std::string::npos) { + HILOG_INFO("worker:: the HAR path cannot be verified"); + return true; + } + size_t prev = script.find_first_of(SLASH_TAG); + if (isRelativePath) { + bundleName = script.substr(0, prev); + std::string temp = script.substr(prev + 1); + prev = temp.find_first_of(SLASH_TAG); + moduleName = temp.substr(0, prev); + ohmurl = PREFIX_BUNDLE + script; + } else { + moduleName = script.substr(0, prev); + bundleName = reinterpret_cast(env)->GetBundleName(); + prev = script.find_last_of(POINT_TAG); + script = script.substr(0, prev); + ohmurl = PREFIX_BUNDLE + bundleName + SLASH_TAG + script; + } + return reinterpret_cast(env)->IsExecuteModuleInAbcFile(bundleName, moduleName, ohmurl); + } + static void ConcatFileNameForWorker(napi_env env, std::string &script, std::string &fileName, bool &isRelativePath) { std::string moduleName; diff --git a/js_concurrent_module/worker/worker.cpp b/js_concurrent_module/worker/worker.cpp index a5c8168..928c0b1 100644 --- a/js_concurrent_module/worker/worker.cpp +++ b/js_concurrent_module/worker/worker.cpp @@ -1177,17 +1177,24 @@ void Worker::StartExecuteInThread(napi_env env, const char* script) // 2. copy the script script_ = std::string(script); - CloseHelp::DeletePointer(script, true); // isBundle : FA mode and BundlePack. bool isBundle = reinterpret_cast(env)->GetIsBundle(); // if worker file is packed in har, need find moduleName in hostVM, and concat new recordName. - if ((script_.find_first_of(PathHelper::NAME_SPACE_TAG) == 0 && - script_.find(PathHelper::PREFIX_BUNDLE) == std::string::npos) || + bool isHar = script_.find_first_of(PathHelper::NAME_SPACE_TAG) == 0; + if ((isHar && script_.find(PathHelper::PREFIX_BUNDLE) == std::string::npos) || (!isBundle && script_.find_first_of(PathHelper::POINT_TAG) == 0)) { PathHelper::ConcatFileNameForWorker(env, script_, fileName_, isRelativePath_); HILOG_DEBUG("worker:: Concated worker recordName: %{public}s, fileName: %{public}s", script_.c_str(), fileName_.c_str()); } + // check the path is vaild. + if (!isBundle && !PathHelper::CheckWorkerPath(env, script_, isHar, isRelativePath_)) { + HILOG_ERROR("worker:: the file path is invaild, can't find the file : %{public}s.", script); + CloseHelp::DeletePointer(script, true); + ErrorHelper::ThrowError(env, ErrorHelper::ERR_WORKER_INVALID_FILEPATH, + "the file path is invaild, can't find the file."); + return; + } // 3. create WorkerRunner to Execute if (!runner_) { @@ -1198,6 +1205,7 @@ void Worker::StartExecuteInThread(napi_env env, const char* script) } else { HILOG_ERROR("runner_ is nullptr"); } + CloseHelp::DeletePointer(script, true); } void Worker::ExecuteInThread(const void* data) -- Gitee