fix: 解决添加仓库注入漏洞问题

2025-10-25 06:56:32 +08:00 · 2023-06-25 18:31:21 +08:00 · 2023-06-25 18:31:21 +08:00 · 321ed00734
commit 321ed00734
parent 8ff160408f
2 changed files with 46 additions and 3 deletions
--- a/backend/app/service/image_repo.go
+++ b/backend/app/service/image_repo.go
@ -3,6 +3,7 @@ package service
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"os"
 	"path"
 	"strings"
@ -149,7 +150,7 @@ func (u *ImageRepoService) Update(req dto.ImageRepoUpdate) error {
 	if repo.DownloadUrl != req.DownloadUrl || (!repo.Auth && req.Auth) {
 		_ = u.handleRegistries(req.DownloadUrl, repo.DownloadUrl, "update")
 		if repo.Auth {
-			_, _ = cmd.Execf("docker logout %s", repo.DownloadUrl)
+			_, _ = cmd.ExecWithCheck("docker", "logout", repo.DownloadUrl)
 		}
 		stdout, err := cmd.Exec("systemctl restart docker")
 		if err != nil {
@ -176,9 +177,9 @@ func (u *ImageRepoService) Update(req dto.ImageRepoUpdate) error {
 }

 func (u *ImageRepoService) CheckConn(host, user, password string) error {
-	stdout, err := cmd.Execf("docker login -u %s -p %s %s", user, password, host)
+	stdout, err := cmd.ExecWithCheck("docker", "login", "-u", user, "-p", password, host)
 	if err != nil {
-		return errors.New(string(stdout))
+		return fmt.Errorf("stdout: %s, stderr: %v", stdout, err)
 	}
 	if strings.Contains(string(stdout), "Login Succeeded") {
 		return nil
--- a/backend/utils/cmd/cmd.go
+++ b/backend/utils/cmd/cmd.go
@ -3,8 +3,10 @@ package cmd
 import (
 	"bytes"
 	"context"
+	"errors"
 	"fmt"
 	"os/exec"
+	"strings"
 	"time"

 	"github.com/1Panel-dev/1Panel/backend/buserr"
@ -117,6 +119,46 @@ func Execf(cmdStr string, a ...interface{}) (string, error) {
 	return stdout.String(), nil
 }

+func ExecWithCheck(name string, a ...string) (string, error) {
+	if CheckIllegal(a...) {
+		return "error exec !", errors.New("There are invalid characters in the command you're executing.")
+	}
+	cmd := exec.Command(name, a...)
+	var stdout, stderr bytes.Buffer
+	cmd.Stdout = &stdout
+	cmd.Stderr = &stderr
+	err := cmd.Run()
+	if err != nil {
+		errMsg := ""
+		if len(stderr.String()) != 0 {
+			errMsg = fmt.Sprintf("stderr: %s", stderr.String())
+		}
+		if len(stdout.String()) != 0 {
+			if len(errMsg) != 0 {
+				errMsg = fmt.Sprintf("%s; stdout: %s", errMsg, stdout.String())
+			} else {
+				errMsg = fmt.Sprintf("stdout: %s", stdout.String())
+			}
+		}
+		return errMsg, err
+	}
+	return stdout.String(), nil
+}
+
+func CheckIllegal(args ...string) bool {
+	if args == nil {
+		return false
+	}
+	for _, arg := range args {
+		if strings.Contains(arg, "&") || strings.Contains(arg, "|") || strings.Contains(arg, ";") ||
+			strings.Contains(arg, "$") || strings.Contains(arg, "'") || strings.Contains(arg, "`") ||
+			strings.Contains(arg, "(") || strings.Contains(arg, ")") || strings.Contains(arg, "\"") {
+			return true
+		}
+	}
+	return false
+}
+
 func HasNoPasswordSudo() bool {
 	cmd2 := exec.Command("sudo", "-n", "ls")
 	err2 := cmd2.Run()