koishi-plugin-spawn-modified 1.2.7 → 1.2.8

package/lib/utils.js

@@ -0,0 +1,206 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildRegex = buildRegex;
+exports.isCommandBlocked = isCommandBlocked;
+exports.stripQuotes = stripQuotes;
+exports.tokenizeCommand = tokenizeCommand;
+exports.isPathLike = isPathLike;
+exports.resolveCandidatePath = resolveCandidatePath;
+exports.extractPathCandidates = extractPathCandidates;
+exports.isWithinRoot = isWithinRoot;
+exports.validatePathAccess = validatePathAccess;
+exports.validateCdCommand = validateCdCommand;
+exports.maskCurlOutput = maskCurlOutput;
+exports.isPrivateIpv4 = isPrivateIpv4;
+exports.escapeHtml = escapeHtml;
+var os_1 = __importDefault(require("os"));
+var path_1 = __importDefault(require("path"));
+// 命令过滤：支持黑名单/白名单模式
+function buildRegex(entry) {
+    try {
+        return new RegExp(entry, 'i');
+    }
+    catch (_) {
+        // 回退为逐字匹配，防止用户写了非法正则
+        var escaped = entry.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+        try {
+            return new RegExp(escaped, 'i');
+        }
+        catch (_) {
+            return null;
+        }
+    }
+}
+function isCommandBlocked(command, mode, list) {
+    if (!(list === null || list === void 0 ? void 0 : list.length))
+        return false;
+    var trimmedCommand = command.trim();
+    var hit = list.some(function (entry) {
+        var regex = buildRegex(entry);
+        return regex ? regex.test(trimmedCommand) : false;
+    });
+    return mode === 'blacklist' ? hit : !hit;
+}
+function stripQuotes(text) {
+    return text.replace(/^['"]|['"]$/g, '');
+}
+function tokenizeCommand(command) {
+    var tokens = [];
+    var current = '';
+    var quote = null;
+    for (var i = 0; i < command.length; i++) {
+        var char = command[i];
+        if ((char === '"' || char === "'") && (quote === null || quote === char)) {
+            quote = quote ? null : char;
+            continue;
+        }
+        if (!quote && /\s/.test(char)) {
+            if (current) {
+                tokens.push(current);
+                current = '';
+            }
+            continue;
+        }
+        current += char;
+    }
+    if (current)
+        tokens.push(current);
+    return tokens;
+}
+function isPathLike(token) {
+    var trimmed = token.trim();
+    if (!trimmed)
+        return false;
+    if (/^[|&><]+$/.test(trimmed))
+        return false;
+    if (/^-{1,2}[a-zA-Z0-9][\w-]*$/.test(trimmed))
+        return false;
+    if (/^\$[A-Za-z_][A-Za-z0-9_]*$/.test(trimmed))
+        return false;
+    var normalized = stripQuotes(trimmed);
+    return (/^[A-Za-z]:[\\\/]/.test(normalized) ||
+        normalized.startsWith('/') ||
+        normalized.startsWith('~') ||
+        normalized.startsWith('..') ||
+        normalized.startsWith('./') ||
+        normalized.includes('/') ||
+        normalized.includes('\\'));
+}
+function resolveCandidatePath(candidate, currentDir) {
+    var _a;
+    var cleaned = stripQuotes(candidate.trim());
+    var homeDir = ((_a = os_1.default.homedir) === null || _a === void 0 ? void 0 : _a.call(os_1.default)) || '';
+    if (cleaned.startsWith('~')) {
+        var withoutTilde = cleaned.slice(1).replace(/^[/\\]/, '');
+        var homeResolved = homeDir ? path_1.default.join(homeDir, withoutTilde) : cleaned;
+        return path_1.default.resolve(homeResolved);
+    }
+    return path_1.default.resolve(currentDir, cleaned);
+}
+function extractPathCandidates(command) {
+    var tokens = tokenizeCommand(command);
+    var candidates = [];
+    for (var _i = 0, tokens_1 = tokens; _i < tokens_1.length; _i++) {
+        var token = tokens_1[_i];
+        var normalized = stripQuotes(token);
+        if (isPathLike(normalized)) {
+            candidates.push(normalized);
+            continue;
+        }
+        var eqIndex = normalized.indexOf('=');
+        if (eqIndex > 0) {
+            var value = normalized.slice(eqIndex + 1);
+            if (isPathLike(value)) {
+                candidates.push(value);
+            }
+        }
+    }
+    return candidates;
+}
+// 解析 cd 命令并验证路径
+function isWithinRoot(rootDir, targetPath) {
+    var relative = path_1.default.relative(rootDir, targetPath);
+    return relative === '' || (!relative.startsWith('..') && !path_1.default.isAbsolute(relative));
+}
+function validatePathAccess(command, currentDir, rootDir, restrictDirectory) {
+    if (!restrictDirectory)
+        return { valid: true };
+    var normalizedRoot = path_1.default.resolve(rootDir);
+    var candidates = extractPathCandidates(command);
+    for (var _i = 0, candidates_1 = candidates; _i < candidates_1.length; _i++) {
+        var candidate = candidates_1[_i];
+        var resolved = resolveCandidatePath(candidate, currentDir);
+        if (!isWithinRoot(normalizedRoot, resolved)) {
+            return { valid: false, error: 'restricted-path' };
+        }
+    }
+    return { valid: true };
+}
+function validateCdCommand(command, currentDir, rootDir, restrictDirectory) {
+    if (!restrictDirectory)
+        return { valid: true };
+    var normalizedRoot = path_1.default.resolve(rootDir);
+    var cdMatches = [];
+    var cdRegex = /\bcd\s+([^;&|\n]+)/gi;
+    var m;
+    while ((m = cdRegex.exec(command)) !== null) {
+        cdMatches.push(m);
+    }
+    if (!cdMatches.length)
+        return { valid: true };
+    // 若命令被链式运算符分隔且包含 cd，则要求所有 cd 目标都在指定 root 下，否则拒绝
+    for (var _i = 0, cdMatches_1 = cdMatches; _i < cdMatches_1.length; _i++) {
+        var match = cdMatches_1[_i];
+        var target = match[1].trim().replace(/['"]/g, '');
+        var absolutePath = path_1.default.resolve(currentDir, target);
+        if (!isWithinRoot(normalizedRoot, absolutePath)) {
+            return { valid: false, error: 'restricted-directory' };
+        }
+    }
+    // 仅当命令是单独的 cd 时才更新会话目录，避免链式命令切换目录后执行其他操作
+    var singleCdOnly = /^\s*cd\s+[^;&|\n]+\s*$/i.test(command);
+    if (singleCdOnly) {
+        var target = cdMatches[0][1].trim().replace(/['"]/g, '');
+        var absolutePath = path_1.default.resolve(currentDir, target);
+        return { valid: true, newDir: absolutePath };
+    }
+    return { valid: true };
+}
+function maskCurlOutput(command, output) {
+    if (!output)
+        return output;
+    if (!/\bcurl\b/i.test(command))
+        return output;
+    var ipv4Regex = /\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b/g;
+    return output.replace(ipv4Regex, function (ip) { return (isPrivateIpv4(ip) ? ip : '*.*.*.*'); });
+}
+function isPrivateIpv4(ip) {
+    var octets = ip.split('.').map(Number);
+    if (octets.length !== 4)
+        return false;
+    if (octets.some(function (octet) { return Number.isNaN(octet) || octet < 0 || octet > 255; }))
+        return false;
+    var a = octets[0], b = octets[1];
+    if (a === 10)
+        return true;
+    if (a === 172 && b >= 16 && b <= 31)
+        return true;
+    if (a === 192 && b === 168)
+        return true;
+    if (a === 127)
+        return true;
+    if (a === 169 && b === 254)
+        return true;
+    return false;
+}
+function escapeHtml(text) {
+    return text
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#039;');
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "koishi-plugin-spawn-modified",
-  "version": "1.2.7",
+  "version": "1.2.8",
   "description": "Run shell commands with Koishi",
   "keywords": [
     "bot",

package/src/config.ts

@@ -0,0 +1,33 @@
+import { Schema, Time } from 'koishi'
+
+const encodings = ['utf8', 'utf16le', 'latin1', 'ucs2'] as const
+
+export interface Config {
+    root?: string
+    shell?: string
+    encoding?: typeof encodings[number]
+    timeout?: number
+    debug?: boolean
+    renderImage?: boolean
+    exemptUsers?: string[]
+    blockedCommands?: string[]
+    restrictDirectory?: boolean
+    authority?: number
+    commandFilterMode?: 'blacklist' | 'whitelist'
+    commandList?: string[]
+}
+
+export const Config: Schema<Config> = Schema.object({
+    root: Schema.string().description('工作路径。').default(''),
+    shell: Schema.string().description('运行命令的程序。'),
+    encoding: Schema.union(encodings).description('输出内容编码。').default('utf8'),
+    timeout: Schema.number().description('最长运行时间。').default(Time.minute),
+    debug: Schema.boolean().description('开启调试模式，将群组ID、用户ID等信息输出到日志。').default(false),
+    renderImage: Schema.boolean().description('是否将命令执行结果渲染为图片（需要安装 puppeteer 插件）。').default(false),
+    exemptUsers: Schema.array(String).description('例外用户列表，格式为 "群组ID:用户ID"。私聊时群组ID为0。匹配的用户将无视一切过滤器。').default([]),
+    blockedCommands: Schema.array(String).description('违禁命令列表（命令的开头部分）。').default([]),
+    restrictDirectory: Schema.boolean().description('是否限制在当前目录及子目录内执行命令（禁止 cd 到上级或其他目录）。').default(false),
+    authority: Schema.number().description('exec 命令所需权限等级。').default(4),
+    commandFilterMode: Schema.union(['blacklist', 'whitelist']).description('命令过滤模式：blacklist/whitelist').default('blacklist'),
+    commandList: Schema.array(String).description('命令过滤列表，配合过滤模式使用（为空则不限制）。').default([]),
+})