pengjunjie/JeecgBoot
1
0
Fork 1
mirror of https://github.com/jeecgboot/JeecgBoot.git synced 2026-02-03 17:15:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

文件目录扫描漏洞

Browse Source
This commit is contained in:
JEECG
2026-01-26 15:06:33 +08:00
parent 1936f503df
commit 360f5d779a
4 changed files with 46 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java
View File

@ -20,6 +20,7 @@ import org.jeecg.common.system.query.QueryGenerator;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.*;
import org.jeecg.common.util.filter.SsrfFileTypeFilter;
import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
import org.jeecg.modules.message.enums.RangeDateEnum;
import org.jeecg.modules.message.websocket.WebSocket;
@ -142,6 +143,8 @@ public class SysAnnouncementController {
// 代码逻辑说明: 标题处理xss攻击的问题
String title = XssUtils.scriptXss(sysAnnouncement.getTitile());
sysAnnouncement.setTitile(title);
// 【安全校验】校验附件文件名,防止路径遍历攻击
SsrfFileTypeFilter.checkPathTraversalBatch(sysAnnouncement.getFiles());
sysAnnouncement.setDelFlag(CommonConstant.DEL_FLAG_0.toString());
//未发布
sysAnnouncement.setSendStatus(CommonSendStatus.UNPUBLISHED_STATUS_0);
@ -173,6 +176,8 @@ public class SysAnnouncementController {
// 代码逻辑说明: 标题处理xss攻击的问题
String title = XssUtils.scriptXss(sysAnnouncement.getTitile());
sysAnnouncement.setTitile(title);
// 【安全校验】校验附件文件名,防止路径遍历攻击
SsrfFileTypeFilter.checkPathTraversalBatch(sysAnnouncement.getFiles());
sysAnnouncement.setNoticeType(NoticeTypeEnum.NOTICE_TYPE_SYSTEM.getValue());
boolean ok = sysAnnouncementService.upDateAnnouncement(sysAnnouncement);
//TODO 返回false说明什么

3
jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java
View File

@ -12,6 +12,7 @@ import org.apache.shiro.SecurityUtils;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.FileDownloadUtils;
import org.jeecg.common.util.filter.SsrfFileTypeFilter;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.JeecgBaseConfig;
import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
@ -303,6 +304,8 @@ public class SysAnnouncementServiceImpl extends ServiceImpl<SysAnnouncementMappe
if (oConvertUtils.isEmpty(fileUrl)) {
continue;
}
// 【安全校验】防止路径遍历攻击
SsrfFileTypeFilter.checkPathTraversal(fileUrl);
// 生成ZIP内文件名避免重名添加序号
String fileName = FileDownloadUtils.generateFileName(fileUrl, i, fileUrls.length);
String uploadUrl = jeecgBaseConfig.getPath().getUpload();