因业务需求,要对shell命令添加一个白名单,因此需要对shell进行一个简单的解析,代码跑了两天基本满足现阶段要求,代码如下:
public static void main(String[] args) {
System.out.println(checkCmd("zgrep oHQwN0ZYayuTyNZHAosTKc7uP6vk $logpath | grep -o \"cmd=[^ ]*\" | sort | uniq -c".trim()));
}
public static boolean checkCmd(String grep) {
List<List<String>> unitList = new ArrayList<>();
List<String> tokenList = new ArrayList<>();
boolean flag = false;
char punc = '~';
StringBuilder sb = new StringBuilder();
int pre = 0, i;
for (i = 0; i < grep.length() && pre < grep.length(); i++) {
char c = grep.charAt(i);
if (flag) {
if (c == punc) {
flag = false;
tokenList.add(grep.substring(pre + 1, i));
pre = i + 1;
}
} else {
if (c == ' ' || c == '|') {
tokenList.add(grep.substring(pre, i));
pre = i + 1;
if (c == '|') {
unitList.add(new ArrayList<>(tokenList));
tokenList.clear();
}
} else if ((c == '\'' || c == '"') && !flag) {
flag = true;
punc = c;
}
}
}
if (pre < grep.length()) {
tokenList.add(grep.substring(pre, i));
unitList.add(new ArrayList<>(tokenList));
}
//拿到白名单
List<String> wightTokenList = Utils.getTokenWightList();
for (List<String> list : unitList) {
List<String> tokens = list.stream().filter(s -> !s.trim().equals("")).collect(Collectors.toList());
if (!wightTokenList.contains(tokens.get(0)) || !legalPath(tokens)) {
return false;
}
}
return true;
}
private static boolean legalPath(List<String> tokens) {
if (tokens.get(0).equals("less") || tokens.get(0).equals("cat") || tokens.get(0).equals("nl")) {
String last = tokens.get(tokens.size() - 1);
if (last.indexOf("/") > -1) {
return false;
}
}
return true;
}