mirror of
https://github.com/Ascend/ascend-docker-runtime.git
synced 2025-10-22 06:59:38 +08:00
247 lines
6.9 KiB
Go
247 lines
6.9 KiB
Go
// Package mindxcheckutils is a check utils package
|
|
/**
|
|
* Copyright (c) Huawei Technologies Co., Ltd. 2020-2022. All rights reserved.
|
|
*/
|
|
package mindxcheckutils
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"syscall"
|
|
)
|
|
|
|
const (
|
|
maxLogFieldLength = 64
|
|
notValidPath = "not-valid-file-path"
|
|
maxAllowFileSize = 102400 // in megabytes
|
|
oneMegabytes = 1048576
|
|
// DefaultSize default size of file allowed
|
|
DefaultSize = 100 // in megabytes
|
|
// DefaultWhiteList default white list in string
|
|
DefaultWhiteList = "-_./~"
|
|
// DefaultStringSize default string max length
|
|
DefaultStringSize = 256
|
|
// DefaultPathSize default string max length
|
|
DefaultPathSize = 4096
|
|
runLogDir = "/var/log/ascend-docker-runtime/"
|
|
backupLogFileMode os.FileMode = 0400
|
|
runLogFileMode os.FileMode = 0750
|
|
maxFileNum = 32
|
|
)
|
|
|
|
var logPrefix = ""
|
|
|
|
// RealFileChecker check if a file is safe to use
|
|
func RealFileChecker(path string, checkParent, allowLink bool, size int) (string, error) {
|
|
if !StringChecker(path, 0, DefaultPathSize, DefaultWhiteList) {
|
|
return notValidPath, fmt.Errorf("invalid path")
|
|
}
|
|
_, err := FileChecker(path, false, checkParent, allowLink, 0)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
realPath, err := filepath.Abs(path)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
realPath, err = filepath.EvalSymlinks(realPath)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
fileInfo, err := os.Stat(realPath)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
if !fileInfo.Mode().IsRegular() {
|
|
return notValidPath, fmt.Errorf("invalid regular file")
|
|
}
|
|
if size > maxAllowFileSize || size < 0 {
|
|
return notValidPath, fmt.Errorf("invalid size")
|
|
}
|
|
if fileInfo.Size() > int64(size)*int64(oneMegabytes) {
|
|
return notValidPath, fmt.Errorf("size too large")
|
|
}
|
|
return realPath, nil
|
|
}
|
|
|
|
// RealDirChecker check if a dir is safe to use
|
|
func RealDirChecker(path string, checkParent, allowLink bool) (string, error) {
|
|
if !StringChecker(path, 0, DefaultPathSize, DefaultWhiteList) {
|
|
return notValidPath, fmt.Errorf("invalid path")
|
|
}
|
|
_, err := FileChecker(path, true, checkParent, allowLink, 0)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
realPath, err := filepath.Abs(path)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
realPath, err = filepath.EvalSymlinks(realPath)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
fileInfo, err := os.Stat(realPath)
|
|
if err != nil {
|
|
return notValidPath, err
|
|
}
|
|
if !fileInfo.IsDir() {
|
|
return notValidPath, fmt.Errorf("not a dir")
|
|
}
|
|
return realPath, nil
|
|
}
|
|
|
|
// FileChecker check if a file/dir is safe to use
|
|
func FileChecker(path string, allowDir, checkParent, allowLink bool, deep int) (bool, error) {
|
|
const maxDepth, groupWriteIndex, otherWriteIndex, permLength int = 99, 5, 8, 10
|
|
if deep > maxDepth {
|
|
return false, fmt.Errorf("over maxDepth %v", maxDepth)
|
|
}
|
|
if strings.Contains(path, "..") {
|
|
return false, fmt.Errorf("err path %v", path)
|
|
}
|
|
filePath, err := filepath.Abs(path)
|
|
if err != nil {
|
|
return false, fmt.Errorf("get abs path failed %v", err)
|
|
}
|
|
if len(filepath.Base(filePath)) > DefaultStringSize {
|
|
return false, fmt.Errorf("path too long")
|
|
}
|
|
fileInfo, ok, err := normalFileCheck(filePath, allowDir, allowLink)
|
|
if err != nil {
|
|
return ok, err
|
|
}
|
|
perm := fileInfo.Mode().Perm().String()
|
|
if len(perm) != permLength {
|
|
return false, fmt.Errorf("permission not right %v %v", filePath, perm)
|
|
}
|
|
for index, char := range perm {
|
|
switch index {
|
|
case groupWriteIndex, otherWriteIndex:
|
|
if char == 'w' {
|
|
return false, fmt.Errorf("write permission not right %v %v", filePath, perm)
|
|
}
|
|
default:
|
|
}
|
|
}
|
|
stat, ok := fileInfo.Sys().(*syscall.Stat_t)
|
|
if !ok {
|
|
return false, fmt.Errorf("can not get stat %v", filePath)
|
|
}
|
|
uid := int(stat.Uid)
|
|
if !(uid == 0 || uid == os.Getuid()) {
|
|
return false, fmt.Errorf("owner not right %v %v", filePath, uid)
|
|
}
|
|
if filePath != "/" && checkParent {
|
|
return FileChecker(filepath.Dir(filePath), true, true, allowLink, deep+1)
|
|
}
|
|
return true, nil
|
|
}
|
|
|
|
func normalFileCheck(filePath string, allowDir bool, allowLink bool) (os.FileInfo, bool, error) {
|
|
realPath, err := filepath.EvalSymlinks(filePath)
|
|
if err != nil || (realPath != filePath && !allowLink) {
|
|
return nil, false, fmt.Errorf("symlinks or not existed, failed %v, %v", filePath, err)
|
|
}
|
|
fileInfo, err := os.Stat(filePath)
|
|
if err != nil {
|
|
return nil, false, fmt.Errorf("get file stat failed %v", err)
|
|
}
|
|
if allowDir {
|
|
if !fileInfo.Mode().IsRegular() && !fileInfo.IsDir() {
|
|
return nil, false, fmt.Errorf("not regular file/dir %v", filePath)
|
|
}
|
|
} else {
|
|
if !fileInfo.Mode().IsRegular() {
|
|
return nil, false, fmt.Errorf("not regular file %v", filePath)
|
|
}
|
|
}
|
|
if fileInfo.Mode()&os.ModeSetuid != 0 {
|
|
return nil, false, fmt.Errorf("setuid not allowed %v", filePath)
|
|
}
|
|
if fileInfo.Mode()&os.ModeSetgid != 0 {
|
|
return nil, false, fmt.Errorf("setgid not allowed %v", filePath)
|
|
}
|
|
return fileInfo, false, nil
|
|
}
|
|
|
|
// GetLogPrefix get log prefix
|
|
func GetLogPrefix() (string, error) {
|
|
if logPrefix != "" {
|
|
return logPrefix, nil
|
|
}
|
|
uid := os.Geteuid()
|
|
if uid < 0 {
|
|
return "", fmt.Errorf("err: uid not right")
|
|
}
|
|
tty, err := filepath.EvalSymlinks("/proc/self/fd/0")
|
|
if err != nil || !StringChecker(tty, 0, DefaultStringSize, "/:") {
|
|
tty = "unknown"
|
|
}
|
|
|
|
logPrefix = fmt.Sprintf("uid: %d tty: %v ", uid, tty)
|
|
return logPrefix, nil
|
|
}
|
|
|
|
func isLetter(c rune) bool {
|
|
return ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z')
|
|
}
|
|
|
|
func isNumber(c rune) bool {
|
|
return '0' <= c && c <= '9'
|
|
}
|
|
|
|
func isInWhiteList(c rune, whiteList string) bool {
|
|
return strings.Contains(whiteList, string(c))
|
|
}
|
|
|
|
// StringChecker check string
|
|
func StringChecker(text string, minLength, maxLength int, whiteList string) bool {
|
|
if len(text) <= minLength || len(text) >= maxLength {
|
|
return false
|
|
}
|
|
for _, char := range text {
|
|
if isLetter(char) || isNumber(char) || isInWhiteList(char, whiteList) {
|
|
continue
|
|
}
|
|
return false
|
|
}
|
|
return true
|
|
}
|
|
|
|
// ChangeRuntimeLogMode change log mode
|
|
func ChangeRuntimeLogMode(runLog, operLog string) error {
|
|
runLogDirLen := len(runLogDir)
|
|
var logMode os.FileMode
|
|
counter := 0
|
|
err := filepath.Walk(runLogDir, func(fileOrPath string, fileInfo os.FileInfo, err error) error {
|
|
counter += 1
|
|
if counter > maxFileNum {
|
|
return fmt.Errorf("the counter file is over maxFileNum")
|
|
}
|
|
if err != nil {
|
|
fmt.Printf("prevent panic by handling failure accessing a path %q: %v\n", fileOrPath, err)
|
|
return err
|
|
}
|
|
hasLogPrefix := strings.HasPrefix(fileOrPath[runLogDirLen:],
|
|
runLog) || strings.HasPrefix(fileOrPath[runLogDirLen:], operLog)
|
|
if !hasLogPrefix {
|
|
return nil
|
|
}
|
|
logMode = backupLogFileMode
|
|
if fileInfo.Mode()&os.ModeSymlink == os.ModeSymlink {
|
|
return fmt.Errorf("the file or path is symlink")
|
|
}
|
|
if errChmod := os.Chmod(fileOrPath, logMode); errChmod != nil {
|
|
return fmt.Errorf("set file mode %s failed", fileOrPath)
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return fmt.Errorf("traversal runLogDir failed")
|
|
}
|
|
return nil
|
|
}
|