From 0aa8f7e8e5e87640d4ad1fc80c9f545f2482d901 Mon Sep 17 00:00:00 2001 From: tuunalai Date: Fri, 10 May 2024 16:54:03 +0800 Subject: [PATCH] fix security --- composer.json | 1 + src/Client.php | 27 ++++++++++++++++++++++++++- src/ResultTransformer.php | 21 +++++++++++++++++++++ 3 files changed, 48 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 1cba7fe..06ce556 100644 --- a/composer.json +++ b/composer.json @@ -36,6 +36,7 @@ "ext-json": "*", "ext-simplexml": "*", "ext-mbstring": "*", + "ext-libxml": "*", "guzzlehttp/guzzle": "^6.2.1 || ^7.0", "guzzlehttp/guzzle-services": "^1.1", "guzzlehttp/psr7": "^1.3.1 || ^2.0" diff --git a/src/Client.php b/src/Client.php index d9614ae..c739b9f 100644 --- a/src/Client.php +++ b/src/Client.php @@ -553,10 +553,29 @@ public function upload($bucket, $key, $body, $options = array()) { return $rt; } + public static function simplifyPath($path) { + $names = explode("/", $path); + $stack = array(); + foreach ($names as $name) { + if ($name == "..") { + if (!empty($stack)) { + array_pop($stack); + } + } elseif ($name && $name != ".") { + array_push($stack, $name); + } + } + return "/" . implode("/", $stack); + } + public function download($bucket, $key, $saveAs, $options = array()) { $options['PartSize'] = isset($options['PartSize']) ? $options['PartSize'] : RangeDownload::DEFAULT_PART_SIZE; $versionId = isset($options['VersionId']) ? $options['VersionId'] : ''; - + if ("/" == self::simplifyPath($key)) { + $e = new Exception\CosException('GET OBEJCT NOT FOUND'); + $e->setExceptionCode('404'); + throw $e; + } $rt = $this->headObject(array( 'Bucket'=>$bucket, 'Key'=>$key, 
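Review bot: `simplifyPath` silently drops any path segment equal to `"0"`, because `elseif ($name && $name != ".")` tests truthiness and the string `"0"` is falsy in PHP; a key such as `0` or `0/0` therefore normalises to `/`, and the guard added to `download` then throws the 404 for an object that may well exist (the guard added to `explodeKey` in the next hunk inherits the same problem). Replace the truthiness test with an explicit check: `} elseif ($name !== '' && $name !== '.') {`. The five-line guard is pasted verbatim into both `download` and `explodeKey`; a single private static helper (e.g. `assertKeyNotRoot($key)`) would keep the two copies from drifting. The message `'GET OBEJCT NOT FOUND'` also misspells OBJECT in both places, which is worth correcting unless callers match on that exact string.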
@@ -664,6 +683,12 @@ public function doesObjectExist($bucket, $key, array $options = array()) } public static function explodeKey($key) { + + if ("/" == self::simplifyPath($key)) { + $e = new Exception\CosException('GET OBEJCT NOT FOUND'); + $e->setExceptionCode('404'); + throw $e; + } // Remove a leading slash if one is found $split_key = explode('/', $key && $key[0] == '/' ? substr($key, 1) : $key); // Remove empty element diff --git a/src/ResultTransformer.php b/src/ResultTransformer.php index 9c97aa5..c3ca718 100644 --- a/src/ResultTransformer.php +++ b/src/ResultTransformer.php @@ -86,6 +86,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu $length = intval($result['ContentLength']); if($length > 0){ $content = $this->geCiContentInfo($result, $length); + if (version_compare(PHP_VERSION, '8.0.0', '<')) { + libxml_disable_entity_loader(true); + } $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA); $xmlData = json_decode(json_encode($obj),true); if ($picRuleSize == 1 && isset($xmlData['ProcessResults']['Object'])){ @@ -101,6 +104,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu $length = intval($result['ContentLength']); if($length > 0){ $content = $this->geCiContentInfo($result, $length); + if (version_compare(PHP_VERSION, '8.0.0', '<')) { + libxml_disable_entity_loader(true); + } $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA); $arr = json_decode(json_encode($obj),true); $result['GuetzliStatus'] = isset($arr[0]) ? $arr[0] : ''; 
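Review bot: On PHP below 8.0 the added `libxml_disable_entity_loader(true)` flips a setting that is global to the PHP process, and its previous value (the function returns it) is never restored, so every later XML load in the same process, including ones outside this class, inherits the change; on 8.0 and later the version guard is right, since the function is deprecated there and external entity loading is already off by default. The identical three-line block is repeated before every `simplexml_load_string` call in this file (the hunks at old lines 101, 111, 122, 133, 144 and 204), which is exactly the kind of guard that goes stale when only one copy is edited later. I would fold the guard and the parse into one private method that saves and restores the loader state, and call it from each branch so the protection cannot be skipped in a new branch by accident. `ciContentInfoTransformer` starts and ends outside the hunk.
```php
    // … unchanged: $content = $this->geCiContentInfo($result, $length); …
    $xmlData = $this->parseCiXml($content);

    /**
     * Parse a CI response body into an array.
     * On PHP < 8.0 external entity loading is switched off only for the
     * duration of the parse and the previous process-wide value is put back.
     */
    private function parseCiXml($content)
    {
        $previous = null;
        if (version_compare(PHP_VERSION, '8.0.0', '<')) {
            $previous = libxml_disable_entity_loader(true);
        }
        $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA);
        if ($previous !== null) {
            libxml_disable_entity_loader($previous);
        }
        return json_decode(json_encode($obj), true);
    }
```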
@@ -111,6 +117,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu
 $length = intval($result['ContentLength']);
 if($length > 0){
 $content = $this->geCiContentInfo($result, $length);
+ if (version_compare(PHP_VERSION, '8.0.0', '<')) {
+ libxml_disable_entity_loader(true);
+ }
 $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA);
 $arr = json_decode(json_encode($obj),true);
 $result['CIStatus'] = isset($arr[0]) ? $arr[0] : '';
@@ -122,6 +131,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu
 $length = intval($result['ContentLength']);
 if($length > 0){
 $content = $this->geCiContentInfo($result, $length);
+ if (version_compare(PHP_VERSION, '8.0.0', '<')) {
+ libxml_disable_entity_loader(true);
+ }
 $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA);
 $arr = json_decode(json_encode($obj),true);
 $result['OriginProtectStatus'] = isset($arr[0]) ? $arr[0] : '';
@@ -133,6 +145,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu
 $length = intval($result['ContentLength']);
 if($length > 0){
 $content = $this->geCiContentInfo($result, $length);
+ if (version_compare(PHP_VERSION, '8.0.0', '<')) {
+ libxml_disable_entity_loader(true);
+ }
 $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA);
 $arr = json_decode(json_encode($obj),true);
 $result['Hotlink'] = $arr;
@@ -144,6 +159,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu
 $length = intval($result['ContentLength']);
 if($length > 0){
 $content = $this->geCiContentInfo($result, $length);
+ if (version_compare(PHP_VERSION, '8.0.0', '<')) {
+ libxml_disable_entity_loader(true);
+ }
 $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA);
 $arr = json_decode(json_encode($obj),true);
 $result['TranslationResult'] = isset($arr[0]) ? $arr[0] : '';
@@ -204,6 +222,9 @@ public function ciContentInfoTransformer(CommandInterface $command, Result $resu
 $length = intval($result['ContentLength']);
 if($length > 0){
 $content = $this->geCiContentInfo($result, $length);
+ if (version_compare(PHP_VERSION, '8.0.0', '<')) {
+ libxml_disable_entity_loader(true);
+ }
 $obj = simplexml_load_string($content, "SimpleXMLElement", LIBXML_NOCDATA);
 $xmlData = json_decode(json_encode($obj),true);
 $result['Response'] = $xmlData;