You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by ni...@apache.org on 2020/05/06 11:16:52 UTC
[kylin] branch 2.6.x updated: KYLIN-4426 CliCommandExecutor
This is an automated email from the ASF dual-hosted git repository.
nic pushed a commit to branch 2.6.x
in repository https://gitbox.apache.org/repos/asf/kylin.git
The following commit(s) were added to refs/heads/2.6.x by this push:
new 0888c86 KYLIN-4426 CliCommandExecutor
0888c86 is described below
commit 0888c867a52479840a6f3fcd812f9305a95b8dfd
Author: XiaoxiangYu <hi...@126.com>
AuthorDate: Fri Apr 10 12:01:49 2020 +0800
KYLIN-4426 CliCommandExecutor
---
.../kylin/common/util/CliCommandExecutor.java | 13 ++++++++--
.../kylin/common/util/CliCommandExecutorTest.java | 29 ++++++++++++++--------
.../org/apache/kylin/rest/service/CubeService.java | 11 ++++++--
3 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/core-common/src/main/java/org/apache/kylin/common/util/CliCommandExecutor.java b/core-common/src/main/java/org/apache/kylin/common/util/CliCommandExecutor.java
index eda3c5e..c7600fd 100644
--- a/core-common/src/main/java/org/apache/kylin/common/util/CliCommandExecutor.java
+++ b/core-common/src/main/java/org/apache/kylin/common/util/CliCommandExecutor.java
@@ -164,6 +164,7 @@ public class CliCommandExecutor {
}
public static final String COMMAND_INJECT_REX = "[ &`>|{}()$;\\-#~!+*”\\\\]+";
+ public static final String COMMAND_WHITE_LIST = "[^\\w%,@/:=?.\"\\[\\]]";
/**
* <pre>
@@ -187,9 +188,17 @@ public class CliCommandExecutor {
* </pre>
*/
public static String checkParameter(String commandParameter) {
- String repaired = commandParameter.replaceAll(COMMAND_INJECT_REX, "");
+ return checkParameter(commandParameter, COMMAND_INJECT_REX);
+ }
+
+ public static String checkParameterWhiteList(String commandParameter) {
+ return checkParameter(commandParameter, COMMAND_WHITE_LIST);
+ }
+
+ private static String checkParameter(String commandParameter, String rex) {
+ String repaired = commandParameter.replaceAll(rex, "");
if (repaired.length() != commandParameter.length()) {
- logger.info("Detected illegal character in command {}, replace it to {}.", commandParameter, repaired);
+ logger.info("Detected illegal character in command {} by {} , replace it to {}.", commandParameter, rex, repaired);
}
return repaired;
}
diff --git a/core-common/src/test/java/org/apache/kylin/common/util/CliCommandExecutorTest.java b/core-common/src/test/java/org/apache/kylin/common/util/CliCommandExecutorTest.java
index b088e02..043e4b5 100644
--- a/core-common/src/test/java/org/apache/kylin/common/util/CliCommandExecutorTest.java
+++ b/core-common/src/test/java/org/apache/kylin/common/util/CliCommandExecutorTest.java
@@ -23,20 +23,29 @@ import static org.junit.Assert.assertEquals;
public class CliCommandExecutorTest {
+ private String[][] commands = {
+ {"nslookup unknown.com &", "nslookupunknown.com"},
+ {"cat `whoami`", "catwhoami"},
+ {"echo \"kylin@headnode:/home/kylin/lib/job.jar?key=Value123\",", "echo\"kylin@headnode:/home/kylin/lib/job.jar?key=Value123\","},
+ {"whoami > /var/www/static/whoami.txt", "whoami/var/www/static/whoami.txt"},
+ {"mysql_test@jdbc,url=jdbc:mysql://localhost:3306/kylin,username=kylin_test,password=bUmSqT/opyqz89Geu0yQ3g==,maxActive=10,maxIdle=10,passwordEncrypted=true", "mysql_test@jdbc,url=jdbc:mysql://localhost:3306/kylin,username=kylin_test,password=bUmSqT/opyqz89Geu0yQ3g==,maxActive=10,maxIdle=10,passwordEncrypted=true"},
+ {"c1 || c2# || c3 || *c4\\", "c1c2c3c4"},
+ {"c1 &&", "c1"},
+ {"c1 + > c2 [p1]%", "c1c2[p1]%"},
+ {"c1 | ${c2}", "c1c2"},
+ };
+
@Test
public void testCmd() {
- String[][] commands = {
- {"nslookup unknown.com &", "nslookupunknown.com"},
- {"cat `whoami`", "catwhoami"},
- {"whoami > /var/www/static/whoami.txt", "whoami/var/www/static/whoami.txt"},
- {"c1 || c2# || c3 || *c4\\", "c1c2c3c4"},
- {"c1 &&", "c1"},
- {"c1 + > c2 [p1]%", "c1c2[p1]%"},
- {"c1 | ${c2}", "c1c2"},
- };
-
for (String[] pair : commands) {
assertEquals(pair[1], CliCommandExecutor.checkParameter(pair[0]));
}
}
+
+ @Test
+ public void testCmd2() {
+ for (String[] pair : commands) {
+ assertEquals(pair[1], CliCommandExecutor.checkParameterWhiteList(pair[0]));
+ }
+ }
}
diff --git a/server-base/src/main/java/org/apache/kylin/rest/service/CubeService.java b/server-base/src/main/java/org/apache/kylin/rest/service/CubeService.java
index f481ef2..219d0d2 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/CubeService.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/CubeService.java
@@ -1054,8 +1054,15 @@ public class CubeService extends BasicService implements InitializingBean {
"Destination configuration should not be empty.");
String stringBuilder = ("%s/bin/kylin.sh org.apache.kylin.tool.CubeMigrationCLI %s %s %s %s %s %s true true");
- String cmd = String.format(Locale.ROOT, stringBuilder, KylinConfig.getKylinHome(), srcCfgUri, dstCfgUri,
- cube.getName(), projectName, config.isAutoMigrateCubeCopyAcl(), config.isAutoMigrateCubePurge());
+ String cmd = String.format(Locale.ROOT,
+ stringBuilder,
+ KylinConfig.getKylinHome(),
+ CliCommandExecutor.checkParameterWhiteList(srcCfgUri),
+ CliCommandExecutor.checkParameterWhiteList(dstCfgUri),
+ cube.getName(),
+ CliCommandExecutor.checkParameterWhiteList(projectName),
+ config.isAutoMigrateCubeCopyAcl(),
+ config.isAutoMigrateCubePurge());
logger.info("One click migration cmd: " + cmd);