From c2872c78bd4275328b28013898179391110868a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=9F=B3=E4=BD=B3=E7=82=9C?= Date: Tue, 3 Jun 2025 15:01:37 +0800 Subject: [PATCH 1/2] =?UTF-8?q?C:/Program=20Files/Git/=E7=9A=84=E6=A0=A1?= =?UTF-8?q?=E9=AA=8C=E9=80=BB=E8=BE=91=E5=8E=BB=E6=8E=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 石佳炜 --- interfaces/common/src/common_func.cpp | 2 +- interfaces/common/src/sandbox_helper.cpp | 7 ++----- interfaces/innerkits/native/file_uri/src/file_uri.cpp | 6 +++--- test/unittest/remote_file_share/remote_file_share_test.cpp | 4 ++-- 4 files changed, 8 insertions(+), 11 deletions(-) diff --git a/interfaces/common/src/common_func.cpp b/interfaces/common/src/common_func.cpp index ac37cffbd..1218cf70e 100644 --- a/interfaces/common/src/common_func.cpp +++ b/interfaces/common/src/common_func.cpp @@ -111,7 +111,7 @@ static void NormalizePath(string &path) string CommonFunc::GetUriFromPath(const string &path) { if (!SandboxHelper::IsValidPath(path)) { - LOGE("path is ValidPath, The path contains '/./' or '../'characters"); + LOGE("path is ValidPath, The path contains '../' characters"); return ""; } if (path.find(FILE_SCHEME_PREFIX) == 0) { diff --git a/interfaces/common/src/sandbox_helper.cpp b/interfaces/common/src/sandbox_helper.cpp index 854ddcab0..6c274917b 100644 --- a/interfaces/common/src/sandbox_helper.cpp +++ b/interfaces/common/src/sandbox_helper.cpp @@ -376,7 +376,7 @@ int32_t SandboxHelper::GetPhysicalPath(const std::string &fileUri, const std::st std::string &physicalPath) { if (!IsValidPath(fileUri)) { - LOGE("fileUri is ValidUri, The fileUri contains '/./' or '../'characters"); + LOGE("fileUri is ValidUri, The fileUri contains '../' characters"); return -EINVAL; } Uri uri(fileUri); 
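Review bot: The rejection message in `GetUriFromPath` still reads `path is ValidPath`, which says the opposite of what the branch means and makes the log harder to triage. Since the string is being edited anyway, something like `LOGE("path is invalid: it contains a '../' segment");` would be clearer. The same wording is kept in the LOGE lines of the sandbox_helper.cpp and file_uri.cpp hunks, and in the identical hunks of PATCH 2/2. `GetUriFromPath` continues past the end of the hunk.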
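Review bot: In `GetPhysicalPath` the traversal check runs on the raw `fileUri` string, before `Uri uri(fileUri)` parses it, so it only sees the literal characters `../`. If the path component is percent-decoded later, an encoded parent-directory segment would not be examined here; file_uri.cpp in this patch calls `DecodeBySA` before validating, which suggests encoded paths do occur, but whether a second check follows is outside the hunk. Because this commit narrows the validator, the assumption is worth stating, for example `// fileUri is checked undecoded; the decoded path must be re-validated before it is joined to a physical root`. `GetBackupPhysicalPath` at @@ -416 has the same shape.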
@@ -416,7 +416,7 @@ int32_t SandboxHelper::GetBackupPhysicalPath(const std::string &fileUri, const s std::string &physicalPath) { if (!IsValidPath(fileUri)) { - LOGE("fileUri is ValidUri, The fileUri contains '/./' or '../'characters"); + LOGE("fileUri is ValidUri, The fileUri contains '../' characters"); return -EINVAL; } Uri uri(fileUri); @@ -454,9 +454,6 @@ int32_t SandboxHelper::GetBackupPhysicalPath(const std::string &fileUri, const s bool SandboxHelper::IsValidPath(const std::string &filePath) { - if (filePath.find("/./") != std::string::npos) { - return false; - } size_t pos = filePath.find(PATH_INVALID_FLAG1); while (pos != string::npos) { if (pos == 0 || filePath[pos - 1] == BACKSLASH) { diff --git a/interfaces/innerkits/native/file_uri/src/file_uri.cpp b/interfaces/innerkits/native/file_uri/src/file_uri.cpp index d13f58ab0..b7674f81e 100644 --- a/interfaces/innerkits/native/file_uri/src/file_uri.cpp +++ b/interfaces/innerkits/native/file_uri/src/file_uri.cpp @@ -151,7 +151,7 @@ string FileUri::GetRealPathBySA(const std::string &targetBundleName) { string sandboxPath = DecodeBySA(uri_.GetPath()); if (sandboxPath.empty() || !SandboxHelper::IsValidPath(sandboxPath)) { - LOGE("path is ValidPath, The path contains '/./' or '../'characters"); + LOGE("path is ValidPath, The path contains '../' characters"); return ""; } string realPath = sandboxPath; @@ -174,7 +174,7 @@ string FileUri::GetFullDirectoryUri() { string uri = uri_.ToString(); if (!SandboxHelper::IsValidPath(uri)) { - LOGE("uri is ValidUri, The uri contains '/./' or '../'characters"); + LOGE("uri is ValidUri, The uri contains '../' characters"); return ""; } struct stat fileInfo; @@ -213,7 +213,7 @@ bool FileUri::CheckUriFormat(const std::string &uri) return false; } if (!SandboxHelper::IsValidPath(uri)) { - LOGE("uri is ValidPath, The uri contains '/./' or '../'characters"); + LOGE("uri is ValidPath, The uri contains '../' characters"); return false; } return true; 
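Review bot: Dropping the `/./` rejection in `SandboxHelper::IsValidPath` leaves no record of why single-dot segments are now acceptable, and every caller touched by this patch relies on this function as its path gate. A short comment above the remaining scan would document the contract, e.g. `// Only ".." segments are rejected; "/./" stays in the same directory and is allowed`. The surviving condition compares against a constant named `BACKSLASH`, which is defined outside the hunk. The b_dir.cpp copy in PATCH 2/2 uses `BConstants::FILE_SEPARATOR_CHAR` in the same position, so the name is presumably misleading and its value should be confirmed as `'/'`. The function body continues past the hunk.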
diff --git a/test/unittest/remote_file_share/remote_file_share_test.cpp b/test/unittest/remote_file_share/remote_file_share_test.cpp index 5df49b322..9a4a76941 100644 --- a/test/unittest/remote_file_share/remote_file_share_test.cpp +++ b/test/unittest/remote_file_share/remote_file_share_test.cpp @@ -252,7 +252,7 @@ namespace { HWTEST_F(RemoteFileShareTest, Remote_file_share_GetDfsUriFromLocal_0007, testing::ext::TestSize.Level1) { GTEST_LOG_(INFO) << "RemoteFileShareTest-begin Remote_file_share_GetDfsUriFromLocal_0007"; - const string uriStr = "file://com.demo.a/./data/storage/el2/base/remote_file_share_test.txt"; + const string uriStr = "file://com.demo.a/../data/storage/el2/base/remote_file_share_test.txt"; const int userId = 100; HmdfsUriInfo hui; int ret = RemoteFileShare::GetDfsUriFromLocal(uriStr, userId, hui); @@ -732,7 +732,7 @@ namespace { HWTEST_F(RemoteFileShareTest, remote_file_share_test_0017, testing::ext::TestSize.Level1) { GTEST_LOG_(INFO) << "RemoteFileShareTest-begin remote_file_share_test_0017"; - vector uriList = {"file://docs/storage/Users/currentUser/./Document/1.txt"}; + vector uriList = {"file://docs/storage/Users/currentUser/../Document/1.txt"}; const string networkId = "100"; const string deviceId = "001"; vector resultList; -- Gitee From da86a7eac47187f7cdfe912efe520bd2c004df01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=9F=B3=E4=BD=B3=E7=82=9C?= Date: Tue, 3 Jun 2025 15:01:37 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E6=97=A0=E7=94=A8=E7=9A=84=E8=B7=AF?= =?UTF-8?q?=E5=BE=84=E6=A0=A1=E9=AA=8C=E9=80=BB=E8=BE=91=E5=8E=BB=E6=8E=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 石佳炜 --- interfaces/common/src/common_func.cpp | 2 +- interfaces/common/src/sandbox_helper.cpp | 7 ++----- .../native/file_uri/src/file_uri.cpp | 6 +++--- .../remote_file_share_test.cpp | 4 ++-- utils/src/b_filesystem/b_dir.cpp | 21 +++++++++++++++++-- 5 files changed, 27 insertions(+), 13 deletions(-) 
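Review bot: Neither edited test covers the behaviour this commit introduces, namely that a `/./` segment is now accepted. In `Remote_file_share_GetDfsUriFromLocal_0007` and `remote_file_share_test_0017` the inputs are switched from `/./` to `/../`, presumably so the existing rejection assertions (outside the hunks) keep passing. A companion case that keeps the old `/./` URI and asserts the accepted result would pin the relaxed contract. At the validator level this could be `EXPECT_TRUE(SandboxHelper::IsValidPath("/data/storage/el2/base/./a.txt"));` (constructed sample path), assuming the helper is reachable from this test target.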
diff --git a/interfaces/common/src/common_func.cpp b/interfaces/common/src/common_func.cpp index ac37cffbd..1218cf70e 100644 --- a/interfaces/common/src/common_func.cpp +++ b/interfaces/common/src/common_func.cpp @@ -111,7 +111,7 @@ static void NormalizePath(string &path) string CommonFunc::GetUriFromPath(const string &path) { if (!SandboxHelper::IsValidPath(path)) { - LOGE("path is ValidPath, The path contains '/./' or '../'characters"); + LOGE("path is ValidPath, The path contains '../' characters"); return ""; } if (path.find(FILE_SCHEME_PREFIX) == 0) { diff --git a/interfaces/common/src/sandbox_helper.cpp b/interfaces/common/src/sandbox_helper.cpp index 854ddcab0..6c274917b 100644 --- a/interfaces/common/src/sandbox_helper.cpp +++ b/interfaces/common/src/sandbox_helper.cpp @@ -376,7 +376,7 @@ int32_t SandboxHelper::GetPhysicalPath(const std::string &fileUri, const std::st std::string &physicalPath) { if (!IsValidPath(fileUri)) { - LOGE("fileUri is ValidUri, The fileUri contains '/./' or '../'characters"); + LOGE("fileUri is ValidUri, The fileUri contains '../' characters"); return -EINVAL; } Uri uri(fileUri); @@ -416,7 +416,7 @@ int32_t SandboxHelper::GetBackupPhysicalPath(const std::string &fileUri, const s std::string &physicalPath) { if (!IsValidPath(fileUri)) { - LOGE("fileUri is ValidUri, The fileUri contains '/./' or '../'characters"); + LOGE("fileUri is ValidUri, The fileUri contains '../' characters"); return -EINVAL; } Uri uri(fileUri); @@ -454,9 +454,6 @@ int32_t SandboxHelper::GetBackupPhysicalPath(const std::string &fileUri, const s bool SandboxHelper::IsValidPath(const std::string &filePath) { - if (filePath.find("/./") != std::string::npos) { - return false; - } size_t pos = filePath.find(PATH_INVALID_FLAG1); while (pos != string::npos) { if (pos == 0 || filePath[pos - 1] == BACKSLASH) { diff --git a/interfaces/innerkits/native/file_uri/src/file_uri.cpp b/interfaces/innerkits/native/file_uri/src/file_uri.cpp index d13f58ab0..b7674f81e 100644 
--- a/interfaces/innerkits/native/file_uri/src/file_uri.cpp +++ b/interfaces/innerkits/native/file_uri/src/file_uri.cpp @@ -151,7 +151,7 @@ string FileUri::GetRealPathBySA(const std::string &targetBundleName) { string sandboxPath = DecodeBySA(uri_.GetPath()); if (sandboxPath.empty() || !SandboxHelper::IsValidPath(sandboxPath)) { - LOGE("path is ValidPath, The path contains '/./' or '../'characters"); + LOGE("path is ValidPath, The path contains '../' characters"); return ""; } string realPath = sandboxPath; @@ -174,7 +174,7 @@ string FileUri::GetFullDirectoryUri() { string uri = uri_.ToString(); if (!SandboxHelper::IsValidPath(uri)) { - LOGE("uri is ValidUri, The uri contains '/./' or '../'characters"); + LOGE("uri is ValidUri, The uri contains '../' characters"); return ""; } struct stat fileInfo; @@ -213,7 +213,7 @@ bool FileUri::CheckUriFormat(const std::string &uri) return false; } if (!SandboxHelper::IsValidPath(uri)) { - LOGE("uri is ValidPath, The uri contains '/./' or '../'characters"); + LOGE("uri is ValidPath, The uri contains '../' characters"); return false; } return true; diff --git a/test/unittest/remote_file_share/remote_file_share_test.cpp b/test/unittest/remote_file_share/remote_file_share_test.cpp index 5df49b322..9a4a76941 100644 --- a/test/unittest/remote_file_share/remote_file_share_test.cpp +++ b/test/unittest/remote_file_share/remote_file_share_test.cpp @@ -252,7 +252,7 @@ namespace { HWTEST_F(RemoteFileShareTest, Remote_file_share_GetDfsUriFromLocal_0007, testing::ext::TestSize.Level1) { GTEST_LOG_(INFO) << "RemoteFileShareTest-begin Remote_file_share_GetDfsUriFromLocal_0007"; - const string uriStr = "file://com.demo.a/./data/storage/el2/base/remote_file_share_test.txt"; + const string uriStr = "file://com.demo.a/../data/storage/el2/base/remote_file_share_test.txt"; const int userId = 100; HmdfsUriInfo hui; int ret = RemoteFileShare::GetDfsUriFromLocal(uriStr, userId, hui); 
@@ -732,7 +732,7 @@ namespace { HWTEST_F(RemoteFileShareTest, remote_file_share_test_0017, testing::ext::TestSize.Level1) { GTEST_LOG_(INFO) << "RemoteFileShareTest-begin remote_file_share_test_0017"; - vector uriList = {"file://docs/storage/Users/currentUser/./Document/1.txt"}; + vector uriList = {"file://docs/storage/Users/currentUser/../Document/1.txt"}; const string networkId = "100"; const string deviceId = "001"; vector resultList; diff --git a/utils/src/b_filesystem/b_dir.cpp b/utils/src/b_filesystem/b_dir.cpp index 3cefa2276..14747e4f0 100644 --- a/utils/src/b_filesystem/b_dir.cpp +++ b/utils/src/b_filesystem/b_dir.cpp @@ -34,7 +34,6 @@ #include "directory_ex.h" #include "errors.h" #include "filemgmt_libhilog.h" -#include "sandbox_helper.h" #include "b_utils/scan_file_singleton.h" namespace OHOS::FileManagement::Backup { @@ -43,6 +42,9 @@ const int32_t PATH_MAX_LEN = 4096; const size_t TOP_ELE = 0; const std::string APP_DATA_DIR = BConstants::PATH_PUBLIC_HOME + BConstants::PATH_APP_DATA + BConstants::FILE_SEPARATOR_CHAR; +const std::string PATH_INVALID_FLAG1 = "../"; +const std::string PATH_INVALID_FLAG2 = "/.."; +const uint32_t PATH_INVALID_FLAG_LEN = 3; static bool IsEmptyDirectory(const string &path) { 
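Review bot: `PATH_INVALID_FLAG_LEN` is a literal `3` kept separately from the two strings it measures, so editing either flag would silently skew the scan step and the tail comparison in `BDir::IsFilePathValid`. Deriving it keeps them tied together, e.g. `const size_t PATH_INVALID_FLAG_LEN = PATH_INVALID_FLAG1.size();`. These constants also reuse a name that sandbox_helper.cpp uses in its own check (`PATH_INVALID_FLAG1`), so a comment such as `// Local copy of the SandboxHelper traversal markers` would make the duplication explicit.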
@@ -528,7 +530,22 @@ vector BDir::GetDirs(const vector &paths) bool BDir::IsFilePathValid(const std::string &filePath) { - return AppFileService::SandboxHelper::IsValidPath(filePath); + size_t pos = filePath.find(PATH_INVALID_FLAG1); + while (pos != string::npos) { + if (pos == 0 || filePath[pos - 1] == BConstants::FILE_SEPARATOR_CHAR) { + HILOGE("Relative path is not allowed, path contain ../, path = %{private}s", + GetAnonyString(filePath).c_str()); + return false; + } + pos = filePath.find(PATH_INVALID_FLAG1, pos + PATH_INVALID_FLAG_LEN); + } + pos = filePath.rfind(PATH_INVALID_FLAG2); + if ((pos != string::npos) && (filePath.size() - pos == PATH_INVALID_FLAG_LEN)) { + HILOGE("Relative path is not allowed, path tail is /.., path = %{private}s", + GetAnonyString(filePath).c_str()); + return false; + } + return true; } bool BDir::CheckAndRmSoftLink(const std::string &filePath) -- Gitee
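Review bot: A path that is exactly `..` passes `BDir::IsFilePathValid`, because the loop needs the three characters `../` and the tail test needs `/..`, so a lone parent-directory component matches neither. Whether callers can pass such a value is not visible here, but this function is the gate, so the case can be closed with `if (filePath == "..") { return false; }` before the loop. The body now appears to be a copy of `SandboxHelper::IsValidPath` rather than a call to it. A comment like `// Mirrors SandboxHelper::IsValidPath; keep the two in sync` would help stop the two validators drifting apart.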