

完善日志函数判断,增加安全性,新增函数黑名单、白名单模式
caiweiming committed Aug 29, 2024
1 parent a8ac574 commit 301b2d3
Showing 2 changed files with 100 additions and 13 deletions.
26 changes: 18 additions & 8 deletions application/common.php
Expand Up @@ -1083,7 +1083,7 @@ function action_log($action = null, $model = null, $record_id = '', $user_id = n
foreach ($match[1] as $value){
$param = explode('|', $value);
if(isset($param[1]) && $param[1] != ''){
if (is_disable_func($param[1])) {
if (!check_log_func($param[1])) {
continue;
}
$replace[] = call_user_func($param[1], $log[$param[0]]);
Expand Down Expand Up @@ -1483,24 +1483,34 @@ function dp_send_message($type = '', $content = '', $uids = '') {
}
}

if (!function_exists('is_disable_func')) {
if (!function_exists('check_log_func')) {
/**
* 是否是禁用函数
* 检查日志函数是否合法
* @param string $func
* @return bool
* @author 蔡伟明 <[email protected]>
*/
function is_disable_func($func = '') {
function check_log_func($func = '') {
$func = ltrim($func, '\\');
$func = strtolower($func);

if (!is_string($func) || $func == '') {
return false;
}

$disable_functions = config('system.disable_functions');
if (!$disable_functions) {
return false;
// 获取函数过滤模式
$function_filter = strtolower(config('system.function_filter'));

// 黑名单模式
if ($function_filter === 'black_list') {
$disable_functions = config('system.function_black_list') ?: [];
return !in_array($func, $disable_functions);
}

return in_array(strtolower($func), $disable_functions);
// 白名单模式
$enable_functions = config('system.function_white_list') ?: [];
// 检查白名单是否为空,并判断函数是否在白名单中
return !empty($enable_functions) && in_array(strtolower($func), $enable_functions);
}
}
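Review bot: The `is_string` guard in check_log_func is dead, because `ltrim($func, '\\')` and `strtolower($func)` run first and either coerce a non-string argument or throw a TypeError before the check is reached; move the guard ahead of the normalisation and use a strict comparison, `if (!is_string($func) || $func === '') { return false; }`. Both list lookups use loose `in_array`; since the lists come from configuration, pass `true` as the third argument (`return !in_array($func, $disable_functions, true);`) so a stray non-string entry such as `true` cannot match every name, and the second `strtolower($func)` on the white-list return line is redundant because `$func` is already lowercased. Only the looked-up name is lowercased, so a black- or white-list entry written with upper-case letters never matches; either document that entries must be lower case or normalise the configured lists as well. A missing or unrecognised `system.function_filter` value falls through to white-list mode, and with an empty white list every function is rejected — that fail-closed behaviour is worth stating in the docblock, e.g. `@return bool true only if $func passes the configured filter; unknown filter modes behave as white_list`.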

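--- a/config/system.php
+++ b/config/system.php
@@ -12,8 +12,10 @@
 'deny_ie' => false,
 // 模块管理中,不读取模块信息的目录
 'except_module' => ['common', 'admin', 'index', 'extra', 'user', 'install'],
-// 禁用函数
-'disable_functions' => [
+// 函数过滤方式,black_list:黑名单,white_list:白名单
+'function_filter' => 'white_list',
+// 函数黑名单,在黑名单内的函数将不会被执行
+'function_black_list' => [
 'eval',
 'passthru',
 'exec',
@@ -30,6 +32,81 @@
 'symlink',
 'popepassthru',
 'phpinfo',
-'shell_exec'
-]
-];
+'shell_exec',
+'fopen',
+'fclose',
+'fread',
+'fwrite',
+'file_get_contents',
+'file_put_contents',
+'unlink',
+'rename',
+'copy',
+'file',
+'file_exists',
+'mkdir',
+'rmdir',
+'opendir',
+'readdir',
+'scandir',
+'chdir',
+'chroot',
+'dir',
+'closedir',
+'getenv',
+'putenv',
+'get_current_user',
+'get_cfg_var',
+'getmyuid',
+'getmypid',
+'getmyinode',
+'getlastmod',
+'fsockopen',
+'pfsockopen',
+'socket_create',
+'socket_bind',
+'socket_listen',
+'socket_accept',
+'socket_connect',
+'socket_strerror',
+'stream_socket_server',
+'proc_open',
+'proc_close',
+'proc_terminate',
+'proc_get_status',
+'proc_nice',
+'assert',
+'php_uname',
+'getrusage',
+'get_include_path',
+'set_include_path',
+'ini_set',
+'pcntl_exec',
+'posix_kill',
+'posix_mkfifo',
+'posix_setpgid',
+'posix_setsid',
+'posix_setuid',
+'posix_seteuid',
+'posix_setegid',
+'posix_setgid',
+'posix_uname',
+'fileatime',
+'filectime',
+'fileinode',
+'is_dir',
+'is_executable',
+'is_writable',
+'filegroup',
+'fileowner',
+'is_file',
+'is_writeable',
+'stat',
+'fileperms',
+'is_link',
+'parse_ini_file',
+'readfile'
+],
+// 函数白名单,在白名单内的函数才会被执行,空则所有函数都不执行
+'function_white_list' => []
+];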
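Review bot: The `function_black_list` and `function_white_list` entries only take effect when written in lower case, because the check in application/common.php lowercases the looked-up name but not the configured list; the comment on each list should say so, e.g. `// function black list; entries must be lower case and are matched by exact name`. A name-based deny list can never be exhaustive, so `white_list` — which this commit already sets as the default — is the safer mode, and the `function_filter` comment could note that switching to `black_list` relaxes the check to deny-by-name only. The note that an empty white list rejects every function is already on `function_white_list`; repeating that fail-closed default next to `function_filter` would make the two options easier to reason about together.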

