Skip to content

修复issue#34中提到的bug #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
YourDaddyIsHere wants to merge 2 commits into
base: master
Choose a base branch
from
Open

修复issue#34中提到的bug #40

YourDaddyIsHere wants to merge 2 commits into from

Conversation

@YourDaddyIsHere
Copy link

@YourDaddyIsHere YourDaddyIsHere commented Feb 7, 2018
edited
Loading

修复issue#34中的bug
问题的根源在于TreeMethod.java中的searchNode()有可能把上级子树中同名文件当成我们希望打开的文件。
bug复现:PHP一句话webshell位于/var/www/dvwa/hackable/uploads
我们有一个user文件夹(/var/www/dvwa/hackable/user/user/),我们想从其父目录(/var/www/dvwa/hackable/user/)中,通过右侧窗口通过右弹出键菜单栏-打开。
于此同时,存在另一个目录(/var/www/dvwa/users/).

在(/var/www/dvwa/hackable/user/)中,通过右侧窗口通过右键弹出菜单栏-打开进入(/var/www/dvwa/hackable/user/user/)时,会发现右侧区域正确进入了(/var/www/dvwa/hackable/user/user/)。左侧的目录树路径却进入了(/var/www/dvwa/hackable/user/).

原因在于,searchNode(root, name)方法通过广度优先搜索寻找名字为name的节点(此处的name不包含路径,因此在上述例子中,name为user)。该方法一旦找到name的同名节点就直接return,因此,在上例中(/var/www/dvwa/hackable/user/)节点被返回给左侧,然而我们希望返回(/var/www/dvwa/hackable/user/user/)...

目录结构见截图:
2312

所以,我在TreeMethod.java中新增了一个searchNodeByAbsolutePath(root,abpath)方法,并在FileManagerPopMenu.java中用它替换掉searchNode(root,name)方法。

新的方法根据节点相对于根节点的绝对路径abpath来判断是否return,而非依据name,经过测试,该BUG已经修复。

谨慎起见,原searchNode(root,name),我仍然保留,其他调用searchNode(root,name)方法的文件我也未修改

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@YourDaddyIsHere