Is using `exec` in nodejs to convert a Word file to PDF via `pandoc` a safe way?
I am converting Word files to PDF or HTML for a preview page in server queue jobs (run in nodejs), and use the latest pandoc (3.2.1). But I think letting nodejs run a shell command should not be a safe way. Is it safe? Or is there any other better way to do that? (But it's an extra file processing server with no permission to access any other resources, so it will be safe even if the code is not safe, LOL)

This is some of my code in the queue's job:

```javascript
const { execSync } = require('child_process');
const { tmpdir } = require('os');
const path = require('path');

const fileKey = 'uploads/xxxx.docx'; // the files are stored in the storage service's uploads dir
let filePath = this.downloadToLocalTmp(fileKey); // the post had downloadToLocalTmp(filePath), but filePath is not defined yet here
let outputPath = tmpdir() + path.sep + fileKey.substring(fileKey.lastIndexOf('/'));
filePath = filePath.replaceAll(' ', ''); // by @joesv's advice, keep safe: `; rm -rf /` => `;rm-rf/`
outputPath = outputPath.replaceAll(' ', '');
try {
  // using pandoc in next release (1.2.0)
  if (isUsePandoc) {
    // note: pandoc does not support .doc
    Logger.warn('using pandoc converting');
    const command = `pandoc --embed-resources -o ${outputPath} ${filePath}`;
    Logger.debug(`exec command: ${command} `);
    const stdout = execSync(command, { timeout: timeout });
    Logger.debug(`exec command stdout: ${stdout.toString()}`);
  } else {
    // note: libreoffice supports both doc + docx
    Logger.warn('using libreoffice converting');
    await libreOfficeFileConverter.convertFile(filePath, tmpdir(), 'pdf');
  }
  Logger.debug('convertWordFile finished: ' + filePath);
  return outputPath;
} catch (error) {
  Logger.error('convertWordFile error: ' + error);
  throw error;
}
// ... upload to storage service
```
Best answer
Calling pandoc usually means that it has access to the file system, which can sometimes be exploited via specially crafted documents. See the "a note on security" section in the pandoc manual. A more secure method would be to run pandoc as a server (pandoc server), as this will ensure that pandoc has no access to the file system. Or use the --sandbox flag, which will give you similar guarantees. In that case using exec should be fine.
Other answers
Unless you can confirm there's nothing malicious in outputPath or filePath, yes. The snippet of code you shared isn't enough to give a definitive yes nor no. Using the snippet you shared a malicious person could send any value for the variables including something similar to filePath = "/tmp/file.pdf; rm -rf /".