packages/oeAware-manager
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
oeAware-manager/0004-add-command-verification.patch
fly_1997 8c2082720c fix data free, plugin display, command plugin bugs 
(cherry picked from commit 2ca264904491e249e48381aa6f19969427484d0a)
2024-12-06 15:53:22 +08:00

205 lines
8.3 KiB
Diff
Raw Blame History

From eff9e77d5a695f2ef800c54206dbe0ac11dc0272 Mon Sep 17 00:00:00 2001
From: fly_1997 <flylove7@outlook.com>
Date: Wed, 27 Nov 2024 10:18:57 +0800
Subject: [PATCH 4/5] add command verification
---
src/plugin/collect/system/CMakeLists.txt | 2 +-
.../collect/system/command/command_base.cpp | 29 ++++++++++---------
.../collect/system/command/command_base.h | 3 ++
.../system/command/command_collector.h | 3 +-
src/plugin/collect/system/kernel_config.cpp | 9 ++++++
src/plugin/collect/system/kernel_config.h | 1 +
src/plugin_mgr/event/subscribe_handler.cpp | 10 ++-----
src/plugin_mgr/instance_run_handler.cpp | 3 +-
8 files changed, 36 insertions(+), 24 deletions(-)
diff --git a/src/plugin/collect/system/CMakeLists.txt b/src/plugin/collect/system/CMakeLists.txt
index ee6044f..af4a239 100644
--- a/src/plugin/collect/system/CMakeLists.txt
+++ b/src/plugin/collect/system/CMakeLists.txt
@@ -1,6 +1,6 @@
cmake_minimum_required(VERSION 3.11)
project(system_collector)
-include_directories(../include)
+include_directories(command)
add_compile_options(-O2 -fPIC -Wall -Wextra)
add_library(system_collector SHARED
thread_collector.cpp
diff --git a/src/plugin/collect/system/command/command_base.cpp b/src/plugin/collect/system/command/command_base.cpp
index bf658b8..e6c0a83 100644
--- a/src/plugin/collect/system/command/command_base.cpp
+++ b/src/plugin/collect/system/command/command_base.cpp
@@ -10,6 +10,7 @@
* See the Mulan PSL v2 for more details.
******************************************************************************/
#include "command_base.h"
+#include <algorithm>
#include <unistd.h>
#include <sys/wait.h>
@@ -59,23 +60,25 @@ CommandBase::CommandBase()
attrsFirst["vmstat"] = {"swpd"};
}
+std::vector<std::string> CommandBase::command{"mpstat", "iostat", "vmstat", "sar", "pidstat"};
+std::vector<std::string> CommandBase::illegal{"|", ";", "&", "$", ">", "<", "`", "\n"};
+
+bool CommandBase::ValidateCmd(const std::string &cmd)
+{
+ for (auto word : illegal) {
+ if (strstr(cmd.c_str(), word.c_str())) {
+ return false;
+ }
+ }
+ return true;
+}
+
bool CommandBase::ValidateArgs(const oeaware::Topic& topic)
{
- auto cmd = GetCommand(topic);
- PopenProcess p;
- p.Popen(cmd);
- if (!p.stream) {
+ if (std::find(command.begin(), command.end(), topic.topicName) == command.end()) {
return false;
}
- char buffer[128];
- bool isValid = false;
- if (fgets(buffer, sizeof(buffer), p.stream) != nullptr) {
- if (strstr(buffer, "Linux") != nullptr || strstr(buffer, "procs") != nullptr) {
- isValid = true;
- }
- }
- p.Pclose();
- return isValid;
+ return ValidateCmd(topic.params);
}
void CommandBase::ParseLine(const std::string& line)
diff --git a/src/plugin/collect/system/command/command_base.h b/src/plugin/collect/system/command/command_base.h
index a6d7627..ef9bd7c 100644
--- a/src/plugin/collect/system/command/command_base.h
+++ b/src/plugin/collect/system/command/command_base.h
@@ -35,9 +35,12 @@ public:
oeaware::Topic topic;
std::unordered_map<std::string, std::vector<std::string>> attrsFirst;
std::vector<std::string> skipLine{"---swap--"};
+ static std::vector<std::string> command;
+ static std::vector<std::string> illegal;
CommandBase();
virtual ~CommandBase() = default;
static bool ValidateArgs(const oeaware::Topic& topic);
+ static bool ValidateCmd(const std::string &cmd);
void ParseLine(const std::string& line);
static std::string GetCommand(const oeaware::Topic& topic);
bool FillDataStruct(void* dataStruct);
diff --git a/src/plugin/collect/system/command/command_collector.h b/src/plugin/collect/system/command/command_collector.h
index 26fc7e7..72553e3 100644
--- a/src/plugin/collect/system/command/command_collector.h
+++ b/src/plugin/collect/system/command/command_collector.h
@@ -27,8 +27,7 @@ public:
void Disable() override;
void Run() override;
private:
- std::vector<std::string> topicStr = {"mpstat", "iostat", "vmstat", "sar", "pidstat", "lscpu", "zone_reclaim_mode",
- "meminfo", "ethtool", "ifconfig", "os-release", "version"};
+ std::vector<std::string> topicStr = {"mpstat", "iostat", "vmstat", "sar", "pidstat"};
std::unordered_map<std::string, std::unique_ptr<CommandBase>> collectors;
std::unordered_map<std::string, std::thread> collectThreads;
std::unordered_map<std::string, std::thread> publishThreads;
diff --git a/src/plugin/collect/system/kernel_config.cpp b/src/plugin/collect/system/kernel_config.cpp
index 6bdfc8a..3d25251 100644
--- a/src/plugin/collect/system/kernel_config.cpp
+++ b/src/plugin/collect/system/kernel_config.cpp
@@ -17,6 +17,7 @@
#include <securec.h>
#include <dirent.h>
#include <sys/stat.h>
+#include "command_base.h"
KernelConfig::KernelConfig(): oeaware::Interface()
{
@@ -258,12 +259,20 @@ void KernelConfig::WriteSysParam(const std::string &path, const std::string &val
INFO(logger, "successfully wrote value{" << value <<"} to " << path << ".");
}
+std::vector<std::string> KernelConfig::cmdGroup{"sysctl", "ifconfig", "/sbin/blockdev"};
+
void KernelConfig::SetKernelConfig()
{
for (auto &p : setSystemParams) {
WriteSysParam(p.first, p.second);
}
for (auto &cmd : cmdRun) {
+ auto cmdParts = oeaware::SplitString(cmd, " ");
+ if (cmdParts.empty() || std::find(cmdGroup.begin(), cmdGroup.end(), cmdParts[0]) == cmdGroup.end() ||
+ !CommandBase::ValidateCmd(cmd)) {
+ WARN(logger, "cmd{" << cmd << "} invalid.");
+ continue;
+ }
FILE *pipe = popen(cmd.data(), "r");
if (!pipe) {
WARN(logger, "{" << cmd << "} run failed.");
diff --git a/src/plugin/collect/system/kernel_config.h b/src/plugin/collect/system/kernel_config.h
index aa96886..32049d4 100644
--- a/src/plugin/collect/system/kernel_config.h
+++ b/src/plugin/collect/system/kernel_config.h
@@ -62,6 +62,7 @@ private:
std::unordered_map<std::string, std::string> kernelParams;
std::vector<std::string> cmdRun;
+ static std::vector<std::string> cmdGroup;
std::vector<std::string> allEths;
};
diff --git a/src/plugin_mgr/event/subscribe_handler.cpp b/src/plugin_mgr/event/subscribe_handler.cpp
index 8697958..f29b455 100644
--- a/src/plugin_mgr/event/subscribe_handler.cpp
+++ b/src/plugin_mgr/event/subscribe_handler.cpp
@@ -14,24 +14,20 @@
namespace oeaware {
Result SubscribeHandler::Subscribe(const std::string &name, const Topic &topic)
{
- Result result;
if (!memoryStore->IsInstanceExist(topic.instanceName)) {
WARN(logger, "The subscribed instance " << topic.instanceName << " does not exist.");
- result.code = -1;
- return result;
+ return Result(FAILED, "instance does not exist.");
}
auto instance = memoryStore->GetInstance(topic.instanceName);
if (!instance->supportTopics.count(topic.topicName)) {
WARN(logger, "The subscribed topic " << topic.topicName << " does not exist.");
- result.code = -1;
- return result;
+ return Result(FAILED, "topic does not exist.");
}
auto msg = std::make_shared<InstanceRunMessage>(RunType::SUBSCRIBE,
std::vector<std::string>{topic.GetType(), name});
instanceRunHandler->RecvQueuePush(msg);
msg->Wait();
- result = msg->result;
- return result;
+ return msg->result;
}
EventResult SubscribeHandler::Handle(const Event &event)
diff --git a/src/plugin_mgr/instance_run_handler.cpp b/src/plugin_mgr/instance_run_handler.cpp
index 30dc886..abee581 100644
--- a/src/plugin_mgr/instance_run_handler.cpp
+++ b/src/plugin_mgr/instance_run_handler.cpp
@@ -61,7 +61,8 @@ Result InstanceRunHandler::Subscribe(const std::vector<std::string> &payload)
if (!topicState[topic.instanceName][topic.topicName][topic.params]) {
result = instance->interface->OpenTopic(topic);
if (result.code < 0) {
- WARN(logger, "topic open failed, " << result.payload);
+ WARN(logger, "topic{" << LogText(topic.instanceName) << ", " << LogText(topic.topicName) << ", " <<
+ LogText(topic.params) << "} open failed, " << result.payload);
DisableInstance(instance->name);
return result;
}
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink