File tree Expand file tree Collapse file tree 2 files changed +7
-2
lines changed
FairyPlugin/src/main/java/com/limpoxe/fairy Expand file tree Collapse file tree 2 files changed +7
-2
lines changed Original file line number Diff line number Diff line change @@ -189,7 +189,7 @@ PluginDescriptor getPluginDescriptorByClassName(String clazzName) {
189189 synchronized InstallResult installPlugin (String srcPluginFile ) {
190190 LogUtil .w ("开始安装插件" , srcPluginFile );
191191 long startAt = System .currentTimeMillis ();
192- if (TextUtils .isEmpty (srcPluginFile )) {
192+ if (! FileUtil . checkPathSafe ( srcPluginFile ) || TextUtils .isEmpty (srcPluginFile )) {
193193 return new InstallResult (PluginManagerHelper .SRC_FILE_NOT_FOUND );
194194 }
195195
@@ -209,11 +209,12 @@ synchronized InstallResult installPlugin(String srcPluginFile) {
209209 // 先将apk复制到宿主程序私有目录,防止在安装过程中文件被篡改
210210 if (!srcPluginFile .startsWith (FairyGlobal .getHostApplication ().getCacheDir ().getAbsolutePath ())) {
211211 String tempFilePath = FairyGlobal .getHostApplication ().getCacheDir ().getAbsolutePath ()
212- + File .separator + System .currentTimeMillis () + "_" + srcFile .getName () + ".apk" ;
212+ + File .separator + System .currentTimeMillis () + "_" + srcFile .getName ();
213213 if (FileUtil .copyFile (srcPluginFile , tempFilePath )) {
214214 srcPluginFile = tempFilePath ;
215215 } else {
216216 LogUtil .e ("复制插件文件失败" , srcPluginFile , tempFilePath );
217+ new File (tempFilePath ).delete ();
217218 return new InstallResult (PluginManagerHelper .COPY_FILE_FAIL );
218219 }
219220 }
Original file line number Diff line number Diff line change @@ -313,4 +313,8 @@ public static String streamToString(InputStream input) throws IOException {
313313 return sb .toString ();
314314 }
315315
316+ public static boolean checkPathSafe (String path ) {
317+ return path != null && !path .contains (".." ) && !path .contains (" " );
318+ }
319+
316320}
You can’t perform that action at this time.
0 commit comments