fix: enhance thread safety and exception handling for DFileInfo#272
Closed
liyigang1 wants to merge 1 commit into
Closed
fix: enhance thread safety and exception handling for DFileInfo#272liyigang1 wants to merge 1 commit into
liyigang1 wants to merge 1 commit into
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: liyigang1 The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
liyigang1
force-pushed
the
develop/eagle
branch
4 times, most recently
from
3bb8ed9 to
95e746e
Compare
liyigang1
force-pushed
the
develop/eagle
branch
2 times, most recently
from
746e028 to
c5eef31
Compare
Use std::string for directory path concatenation to avoid QString's normalization of UTF-8 BOM (U+FEFF / zero-width no-break space). 使用 std::string 进行路径拼接,避免 QString 对 UTF-8 BOM (零宽不换行空格) 的规范化导致字节丢失。 Log: 修复路径拼接时 BOM 字符丢失的问题 Bug: https://pms.uniontech.com//bug-view-367075.html Influence: 修复后包含 BOM/零宽不换行空格的路径能正确拼接,避免文件操作失败。
deepin pr auto review★ 总体评分:100分■ 【总体评价】
■ 【详细分析】
■ 【改进建议代码示例】 QUrl DEnumeratorPrivate::buildUrl(const QUrl &url, const char *fileName)
{
// 防御空指针,避免std::string或QByteArray构造时崩溃
if (!fileName) {
return QUrl();
}
// 拦截路径遍历攻击,防止恶意文件名越权
QByteArray fileNameBa(fileName);
// 拦截路径遍历攻击:禁止文件名中包含任何路径分隔符,精确拦截 ".." 避免误杀正常隐藏文件
if (fileNameBa.contains('/') || fileNameBa.contains('\\') || fileNameBa == "..") {
return QUrl();
}
QByteArray path;
QString urlPath = url.path();
if (urlPath == "/" || urlPath.isEmpty()) {
path = QByteArray("/") + fileNameBa;
} else {
QByteArray dirPath = urlPath.toUtf8();
if (!dirPath.endsWith('/')) {
dirPath.append('/');
}
// 使用QByteArray进行底层字节数组拼接,避免QString剥离BOM (efbbbf)
path = dirPath + fileNameBa;
}
// 保留原始 URL 的 scheme 和 host,而不是假定为本地文件
QUrl newUrl(url);
newUrl.setPath(QString::fromUtf8(path));
return newUrl;
} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Made mutex mutable to allow thread-safe access in const methods Added comprehensive mutex locking for shared resource protection Implemented exception handling for GIO function calls to prevent crashes Simplified initialization logic by removing redundant early return paths Enhanced resource management with safe GFileInfo cleanup Added extensive concurrency test suite to validate thread safety improvements
Log: Fix concurrent access issues and prevent potential crashes from GIO exceptions
Influence:
fix: 增强 DFileInfo 线程安全性和异常处理能力
将互斥锁改为mutable以支持const方法中的线程安全访问
为共享资源添加全面的互斥锁保护
对GIO函数调用实现异常处理以防止崩溃
通过移除冗余的早期返回逻辑简化初始化流程
增强资源管理,安全清理GFileInfo
添加全面的并发测试套件以验证线程安全改进
Log: 修复并发访问问题,防止GIO异常导致的潜在崩溃
Influence: