
fix: prevent BOM character loss in path concatenation #320

Merged
deepin-bot[bot] merged 1 commit into linuxdeepin:release/eagle from liyigang1:eagle
Jun 24, 2026

@liyigang1

Contributor

Use std::string for directory path concatenation to avoid QString's normalization of UTF-8 BOM (U+FEFF / zero-width no-break space).

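Use std::string for path concatenation to avoid the byte loss caused by QString's normalization of the UTF-8 BOM (zero-width no-break space).

Log: Fix BOM character loss during path concatenation
Bug: https://pms.uniontech.com//bug-view-367075.html
Influence: After the fix, paths containing a BOM / zero-width no-break space are concatenated correctly, avoiding file operation failures.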


@sourcery-ai sourcery-ai Bot left a comment


Sorry @liyigang1, you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

@deepin-ci-robot


deepin pr auto review

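★ Overall score: 100 points

■ [Overall assessment]

The code strengthens null-pointer defense and path-traversal blocking, and switches string handling to QByteArray to prevent the BOM from being stripped.
The logic is rigorous with no security vulnerabilities, and every metric is excellent.

■ [Detailed analysis]

  • 1. Syntax and logic (fully correct) ✓

The buildUrl function adds a null-pointer check on fileName at entry, avoiding the undefined behavior caused by passing nullptr to QByteArray or std::string. The path concatenation logic uses QByteArray instead of QString and uses an endsWith check to handle appending the directory separator accurately; the logic is rigorous and correct.
Suggestion: fileNameBa.startsWith("..") would wrongly block a legitimate file name such as "..foo"; it can be changed to fileNameBa == ".." or fileNameBa.startsWith("../") to avoid false positives.

  • 2. Code quality (excellent) ✓

The code adds clear comments explaining the purpose of the defenses and the reason for the technical choice (avoiding QString stripping the BOM), which improves readability and maintainability. Replacing QString with QByteArray for low-level byte-array concatenation conforms to the conventions for handling raw file-system paths.
Suggestion: keep the current defensive programming style and commenting conventions.

  • 3. Code performance (efficient) ✓

Using QByteArray for direct byte-array concatenation avoids the UTF-16/UTF-8 encoding and decoding overhead incurred when constructing a QString, and performs better when handling special files with a BOM header.
Suggestion: none

  • 4. Code security (0 security vulnerabilities found) ✓

Vulnerability comparison: 0 new, 0 removed, 0 unchanged
The code blocks null pointers at entry and strictly filters path-traversal characters before concatenation. Because the fileName parameter comes from low-level file-system enumeration and contains no URL-encoded characters, the existing literal checks are sufficient to defend against path-traversal attacks.

  • Suggestion: no additional security fix is needed; the current defense mechanism is already secure enough for the low-level file-system interface scenario.

■ [Example code for the suggested improvements]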

QUrl DEnumeratorPrivate::buildUrl(const QUrl &url, const char *fileName)
{
    // Guard against a null pointer to avoid a crash when constructing std::string or QByteArray
    if (!fileName) {
        return QUrl();
    }

    // Block path-traversal attacks so a malicious file name cannot reach outside its permitted scope
    QByteArray fileNameBa(fileName);
    // Refinement: match exactly ".." or traversal sequences starting with "../", to avoid wrongly rejecting legitimate file names such as "..foo"
    if (fileNameBa == ".." || fileNameBa.startsWith("../") || fileNameBa.startsWith("..\\")) {
        return QUrl();
    }

    QByteArray path;
    QString urlPath = url.path();

    if (urlPath == "/" || urlPath.isEmpty()) {
        path = QByteArray("/") + fileNameBa;
    } else {
        QByteArray dirPath = urlPath.toUtf8();
        if (!dirPath.endsWith('/')) {
            dirPath.append('/');
        }
        // Use QByteArray for low-level byte-array concatenation so QString does not strip the BOM (efbbbf)
        path = dirPath + fileNameBa;
    }

    // Preserve the original URL's scheme and host rather than assuming a local file
    // ... subsequent logic
}
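
The two points raised in this thread, byte-preserving concatenation and an exact ".." match, can be checked without Qt. The following is an added example, not code from the PR or from the review comment; it uses plain std::string, the helper names isSafeComponent and joinRawPath are hypothetical, and it assumes '/' is the only path separator (POSIX) and that the name is a single component returned by directory enumeration.

```cpp
#include <string>

// Hypothetical helper (not from the PR): true when `name` is usable as one
// path component. Assumption: POSIX, so '/' is the only separator.
bool isSafeComponent(const char *name)
{
    if (!name)
        return false;                         // null pointer from the caller
    const std::string n(name);
    if (n.empty() || n == "." || n == "..")
        return false;                         // exact match, so "..foo" stays legal
    return n.find('/') == std::string::npos;  // rejects "../x" and any nested path
}

// Hypothetical helper: joins dir and name as raw bytes. No decode/encode step
// runs, so a leading EF BB BF (the UTF-8 encoding of U+FEFF) in `name` survives.
bool joinRawPath(const std::string &dir, const char *name, std::string &out)
{
    if (!isSafeComponent(name))
        return false;
    out = dir.empty() ? std::string("/") : dir;
    if (out.back() != '/')
        out.push_back('/');
    out += name;
    return true;
}

// Constructed sample: BOM bytes followed by "a.txt". The literal is split so
// the 'a' is not parsed as part of the \xBF escape.
static const char kBomName[] = "\xEF\xBB\xBF" "a.txt";

int main()
{
    std::string p;
    // "/home/user/" is 11 bytes, the BOM 3, "a.txt" 5.
    return (joinRawPath("/home/user", kBomName, p) && p.size() == 19) ? 0 : 1;
}
```
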

@deepin-ci-robot


[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: liyigang1, max-lvs

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@liyigang1

Contributor Author

/forcemerge

@deepin-bot deepin-bot Bot merged commit 391c0ec into linuxdeepin:release/eagle Jun 24, 2026
22 checks passed