root
/
yibu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

fix:修复可能会绕过删除的漏洞

main
songzhibin97 3 years ago
parent
ac60596a9b
commit
6c798aff7e
1 changed files with 7 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      server/service/system/sys_autocode_history.go

7
server/service/system/sys_autocode_history.go
View File

@ -61,6 +61,13 @@ func (autoCodeHistoryService *AutoCodeHistoryService) RollBack(id uint) error {
// 删除文件 // 删除文件
for _, path := range strings.Split(md.AutoCodePath, ";") { for _, path := range strings.Split(md.AutoCodePath, ";") {
// 增加安全判断补丁:
_path, err := filepath.Abs(path)
if err != nil || _path != path {
continue
}
// 迁移 // 迁移
nPath := filepath.Join(global.GVA_CONFIG.AutoCode.Root, nPath := filepath.Join(global.GVA_CONFIG.AutoCode.Root,
"rm_file", time.Now().Format("20060102"), filepath.Base(filepath.Dir(filepath.Dir(path))), filepath.Base(filepath.Dir(path)), filepath.Base(path)) "rm_file", time.Now().Format("20060102"), filepath.Base(filepath.Dir(filepath.Dir(path))), filepath.Base(filepath.Dir(path)), filepath.Base(path))

Write Preview
Loading…
Cancel
Save