|
|
|
@ -36,139 +36,124 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor { |
|
|
|
public void visitNode(Tree tree) { |
|
|
|
public void visitNode(Tree tree) { |
|
|
|
MethodTree node = (MethodTree) tree; |
|
|
|
MethodTree node = (MethodTree) tree; |
|
|
|
List<VariableTree> parameters = node.parameters(); |
|
|
|
List<VariableTree> parameters = node.parameters(); |
|
|
|
// 盘带是否是文件上传类
|
|
|
|
//盘带是否是文件上传类
|
|
|
|
boolean boo = parameters.stream().anyMatch(type -> "MultipartFile".equals(type.type().toString())); |
|
|
|
boolean boo = parameters.stream().anyMatch(type -> "MultipartFile".equals(type.type().toString())); |
|
|
|
if(boo){ |
|
|
|
if (boo) { |
|
|
|
// 获取文件名称类型判断是否配置文件权限
|
|
|
|
//获取文件名称类型判断是否配置文件权限
|
|
|
|
var interiorInvoIf = new InteriorInvoIf(); |
|
|
|
var interiorInvoIf = new InteriorInvoIf(); |
|
|
|
interiorInvoIf.check(((MethodTree) tree).block()); |
|
|
|
((MethodTree) tree).block().accept(interiorInvoIf); |
|
|
|
if(interiorInvoIf.fileType != ""){ |
|
|
|
if (interiorInvoIf.fileType != "") { |
|
|
|
// 判断是否对文件后缀进行限制
|
|
|
|
//判断是否对文件后缀进行限制
|
|
|
|
NodeIf nodeIf = new NodeIf(interiorInvoIf.fileType); |
|
|
|
NodeIf nodeIf = new NodeIf(interiorInvoIf.fileType); |
|
|
|
nodeIf.check(((MethodTree) tree).block()); |
|
|
|
((MethodTree) tree).block().accept(nodeIf); |
|
|
|
if (nodeIf.boo){ |
|
|
|
if (nodeIf.boo) { |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
} |
|
|
|
} |
|
|
|
}else { |
|
|
|
} else { |
|
|
|
if(interiorInvoIf.fileName != ""){ |
|
|
|
if (interiorInvoIf.fileName != "") { |
|
|
|
// 判断是否对文件后缀进行限制
|
|
|
|
// 判断是否对文件后缀进行限制
|
|
|
|
NodeIf nodeIf = new NodeIf(interiorInvoIf.fileName); |
|
|
|
NodeIf nodeIf = new NodeIf(interiorInvoIf.fileName); |
|
|
|
nodeIf.check(((MethodTree) tree).block()); |
|
|
|
((MethodTree) tree).block().accept(nodeIf); |
|
|
|
if (nodeIf.boo){ |
|
|
|
if (nodeIf.boo) { |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
} |
|
|
|
} |
|
|
|
}else { |
|
|
|
} else { |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if(interiorInvoIf.sizeName != ""){ |
|
|
|
if (interiorInvoIf.sizeName != "") { |
|
|
|
// 判断是否对文件大小进行限制
|
|
|
|
//判断是否对文件大小进行限制
|
|
|
|
NodeIf nodeIf = new NodeIf(interiorInvoIf.sizeName); |
|
|
|
NodeIf nodeIf = new NodeIf(interiorInvoIf.sizeName); |
|
|
|
nodeIf.check(((MethodTree) tree).block()); |
|
|
|
//nodeIf.check(((MethodTree) tree).block());
|
|
|
|
if (nodeIf.boo){ |
|
|
|
((MethodTree) tree).block().accept(nodeIf); |
|
|
|
|
|
|
|
if (nodeIf.boo) { |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
// 判断是否进行权限设置
|
|
|
|
//判断是否进行权限设置
|
|
|
|
if(interiorInvoIf.privType){ |
|
|
|
if (interiorInvoIf.privType) { |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// 內部文件名称类型获取类
|
|
|
|
//內部文件名称类型获取类
|
|
|
|
private class InteriorInvoIf extends IssuableSubscriptionVisitor{ |
|
|
|
private class InteriorInvoIf extends BaseTreeVisitor { |
|
|
|
// 文件全名字
|
|
|
|
//文件全名字
|
|
|
|
public String fileName = ""; |
|
|
|
public String fileName = ""; |
|
|
|
// 文件后缀名
|
|
|
|
// 文件后缀名
|
|
|
|
public String fileType = ""; |
|
|
|
public String fileType = ""; |
|
|
|
// 文件大小
|
|
|
|
//文件大小
|
|
|
|
public String sizeName = ""; |
|
|
|
public String sizeName = ""; |
|
|
|
// 判断权限
|
|
|
|
//判断权限
|
|
|
|
public boolean privType = true; |
|
|
|
public boolean privType = true; |
|
|
|
|
|
|
|
|
|
|
|
@Override |
|
|
|
@Override |
|
|
|
public List<Tree.Kind> nodesToVisit() { |
|
|
|
public void visitMethodInvocation(MethodInvocationTree tree) { |
|
|
|
return Collections.singletonList(Tree.Kind.METHOD_INVOCATION); |
|
|
|
//获取到方法调用的参数
|
|
|
|
} |
|
|
|
ExpressionTree expressionTree = tree.methodSelect(); |
|
|
|
|
|
|
|
if (expressionTree instanceof MemberSelectExpressionTree) { |
|
|
|
@Override |
|
|
|
|
|
|
|
public void visitNode(Tree tree){ |
|
|
|
|
|
|
|
MethodInvocationTree methodInvocationTree = (MethodInvocationTree) tree; |
|
|
|
|
|
|
|
// 获取到方法调用的参数
|
|
|
|
|
|
|
|
ExpressionTree expressionTree = methodInvocationTree.methodSelect(); |
|
|
|
|
|
|
|
if(expressionTree instanceof MemberSelectExpressionTree){ |
|
|
|
|
|
|
|
MemberSelectExpressionTree expressionTree1 = (MemberSelectExpressionTree) expressionTree; |
|
|
|
MemberSelectExpressionTree expressionTree1 = (MemberSelectExpressionTree) expressionTree; |
|
|
|
// 对调用方法进行判断
|
|
|
|
//对调用方法进行判断
|
|
|
|
if("getOriginalFilename".equals(expressionTree1.identifier().toString())){ |
|
|
|
if ("getOriginalFilename".equals(expressionTree1.identifier().toString())) { |
|
|
|
Tree parent = expressionTree1.parent(); |
|
|
|
Tree parent = expressionTree1.parent(); |
|
|
|
if(parent instanceof MethodInvocationTree){ |
|
|
|
if (parent instanceof MethodInvocationTree) { |
|
|
|
MethodInvocationTree memberSelectExpressionTree = (MethodInvocationTree) parent; |
|
|
|
MethodInvocationTree memberSelectExpressionTree = (MethodInvocationTree) parent; |
|
|
|
Tree parent1 = memberSelectExpressionTree.parent(); |
|
|
|
Tree parent1 = memberSelectExpressionTree.parent(); |
|
|
|
if(parent1 instanceof VariableTree){ |
|
|
|
if (parent1 instanceof VariableTree) { |
|
|
|
VariableTree variableTree = (VariableTree) parent1; |
|
|
|
VariableTree variableTree = (VariableTree) parent1; |
|
|
|
fileName = variableTree.simpleName().toString(); |
|
|
|
fileName = variableTree.simpleName().toString(); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
}else if("extName".equals(expressionTree1.identifier().toString())){ |
|
|
|
} else if ("extName".equals(expressionTree1.identifier().toString())) { |
|
|
|
Tree parent = expressionTree1.parent(); |
|
|
|
Tree parent = expressionTree1.parent(); |
|
|
|
if(parent instanceof MethodInvocationTree){ |
|
|
|
if (parent instanceof MethodInvocationTree) { |
|
|
|
MethodInvocationTree memberSelectExpressionTree = (MethodInvocationTree) parent; |
|
|
|
MethodInvocationTree memberSelectExpressionTree = (MethodInvocationTree) parent; |
|
|
|
Tree parent1 = memberSelectExpressionTree.parent(); |
|
|
|
Tree parent1 = memberSelectExpressionTree.parent(); |
|
|
|
if(parent1 instanceof VariableTree){ |
|
|
|
if (parent1 instanceof VariableTree) { |
|
|
|
VariableTree variableTree = (VariableTree) parent1; |
|
|
|
VariableTree variableTree = (VariableTree) parent1; |
|
|
|
fileType = variableTree.simpleName().toString(); |
|
|
|
fileType = variableTree.simpleName().toString(); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
}else if("getSize".equals(expressionTree1.identifier().toString())){ |
|
|
|
} else if ("getSize".equals(expressionTree1.identifier().toString())) { |
|
|
|
Tree parent = expressionTree1.parent(); |
|
|
|
Tree parent = expressionTree1.parent(); |
|
|
|
if(parent instanceof MethodInvocationTree){ |
|
|
|
if (parent instanceof MethodInvocationTree) { |
|
|
|
MethodInvocationTree memberSelectExpressionTree = (MethodInvocationTree) parent; |
|
|
|
MethodInvocationTree memberSelectExpressionTree = (MethodInvocationTree) parent; |
|
|
|
Tree parent1 = memberSelectExpressionTree.parent(); |
|
|
|
Tree parent1 = memberSelectExpressionTree.parent(); |
|
|
|
if(parent1 instanceof VariableTree){ |
|
|
|
if (parent1 instanceof VariableTree) { |
|
|
|
VariableTree variableTree = (VariableTree) parent1; |
|
|
|
VariableTree variableTree = (VariableTree) parent1; |
|
|
|
sizeName = variableTree.simpleName().toString(); |
|
|
|
sizeName = variableTree.simpleName().toString(); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
}else if("setExecutable".equals(expressionTree1.identifier().toString()) || "setReadable".equals(expressionTree1.identifier().toString()) || "setWritable".equals(expressionTree1.identifier().toString())){ |
|
|
|
} else if ("setExecutable".equals(expressionTree1.identifier().toString()) || "setReadable".equals(expressionTree1.identifier().toString()) || "setWritable".equals(expressionTree1.identifier().toString())) { |
|
|
|
privType = false; |
|
|
|
privType = false; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
public void check(Tree tree){ |
|
|
|
|
|
|
|
this.scanTree(tree); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public class NodeIf extends IssuableSubscriptionVisitor{ |
|
|
|
public class NodeIf extends BaseTreeVisitor { |
|
|
|
|
|
|
|
|
|
|
|
private String name; |
|
|
|
private String name; |
|
|
|
public boolean boo = true; |
|
|
|
public boolean boo = true; |
|
|
|
@Override |
|
|
|
|
|
|
|
public List<Tree.Kind> nodesToVisit() { |
|
|
|
|
|
|
|
return Collections.singletonList(Tree.Kind.IF_STATEMENT); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public NodeIf(String name) { |
|
|
|
public NodeIf(String name) { |
|
|
|
this.name = name; |
|
|
|
this.name = name; |
|
|
|
} |
|
|
|
} |
|
|
|
public void check(Tree tree){ |
|
|
|
|
|
|
|
this.scanTree(tree); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
@Override |
|
|
|
@Override |
|
|
|
public void visitNode(Tree tree){ |
|
|
|
public void visitIfStatement(IfStatementTree tree) { |
|
|
|
IfStatementTree tree1 = (IfStatementTree) tree; |
|
|
|
//获取到if表达式
|
|
|
|
// 获取到if表达式
|
|
|
|
ExpressionTree condition = tree.condition(); |
|
|
|
ExpressionTree condition = tree1.condition(); |
|
|
|
if (condition instanceof BinaryExpressionTree) { |
|
|
|
if(condition instanceof BinaryExpressionTree){ |
|
|
|
|
|
|
|
BinaryExpressionTree binaryExpressionTree = (BinaryExpressionTree) condition; |
|
|
|
BinaryExpressionTree binaryExpressionTree = (BinaryExpressionTree) condition; |
|
|
|
// 判断是否进行if判断
|
|
|
|
//判断是否进行if判断
|
|
|
|
if(name.equals(binaryExpressionTree.leftOperand().toString())){ |
|
|
|
if (name.equals(binaryExpressionTree.leftOperand().toString())) { |
|
|
|
boo = false; |
|
|
|
boo = false; |
|
|
|
}else if(name.equals(binaryExpressionTree.rightOperand().toString())){ |
|
|
|
} else if (name.equals(binaryExpressionTree.rightOperand().toString())) { |
|
|
|
boo = false; |
|
|
|
boo = false; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
Guo XIn
8 months ago