漏洞文件漏洞修改 - 流未关闭问题

4bde105b · zhangsen · 5b10dbdf · 4bde105b · 4bde105b · 4bde105b
Commit 4bde105b authored Mar 25, 2024 by zhangsen
6 changed files
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/controller/FileController.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/controller/FileController.java
@@ -236,14 +236,40 @@ public class FileController extends BaseController {
            }
            String htmlContent = (String) processData.get("html");
+            FileOutputStream fileOutputStream = null;
+            OutputStreamWriter outputStreamWriter = null;
+            Writer writer = null;
            try {
-                Writer writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlFileName), "UTF-8"));
+                fileOutputStream = new FileOutputStream(htmlFileName);
+                outputStreamWriter = new OutputStreamWriter(fileOutputStream, "UTF-8");
+                writer = new BufferedWriter(outputStreamWriter);
                writer.write(htmlContent);
                writer.flush();
                writer.close();
            } catch (IOException e) {
                e.printStackTrace();
+            } finally {
+                try {
+                    if (null != writer) {
+                        writer.close();
+                    }
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
+                try {
+                    if (null != outputStreamWriter) {
+                        outputStreamWriter.close();
+                    }
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
+                try {
+                    if (null != fileOutputStream) {
+                        fileOutputStream.close();
+                    }
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
            }
            String filePath = obj.getString("file");
            processData.put("html", "/" + filePath.substring(0, filePath.lastIndexOf(".")) + ".html");

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/FileHelper.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/FileHelper.java
@@ -267,13 +267,15 @@ public class FileHelper {
    public static void writeFile(String content, String path) {
        OutputStream fos = null;
        BufferedWriter bw = null;
+        OutputStreamWriter outputStreamWriter = null;
        try {
            File file = new File(path);
            if (!file.getParentFile().exists()) {
                file.getParentFile().mkdirs();
            }
            fos = new FileOutputStream(file);
-            bw = new BufferedWriter(new OutputStreamWriter(fos, "UTF-8"));
+            outputStreamWriter = new OutputStreamWriter(fos, "UTF-8");
+            bw = new BufferedWriter(outputStreamWriter);
            bw.write(content);
        } catch (FileNotFoundException fnfe) {
            fnfe.printStackTrace();
@@ -281,11 +283,17 @@ public class FileHelper {
            ioe.printStackTrace();
        } finally {
            try {
-                if (bw != null) {
+                if (null != bw) {
                    bw.close();
                }
-            } catch (IOException ioException) {
+                if (null != fos) {
-                System.err.println(ioException.getMessage());
+                    fos.close();
+                }
+                if (null != outputStreamWriter) {
+                    outputStreamWriter.close();
+                }
+            } catch (IOException e) {
+                e.printStackTrace();
            }
        }
    }
@@ -377,9 +385,12 @@ public class FileHelper {
        // 以GB2312读取文件
        BufferedReader br = null;
        BufferedWriter bw = null;
+        FileWriter fileWriter = null;
        try {
-            br = new BufferedReader(new FileReader(htmFile));
+            FileReader fileReader = new FileReader(htmFile);
-            bw = new BufferedWriter(new FileWriter(new File(outPutFile)));
+            br = new BufferedReader(fileReader);
+            fileWriter = new FileWriter(new File(outPutFile));
+            bw = new BufferedWriter(fileWriter);
            String result = null;
            while (null != (result = br.readLine())) {
                if (!"".equals(result.trim())) {
@@ -393,11 +404,22 @@ public class FileHelper {
                if (null != br) {
                    br.close();
                }
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+            try {
                if (null != bw) {
                    bw.close();
                }
            } catch (Exception e) {
+                e.printStackTrace();
+            }
+            try {
+                if (null != fileWriter) {
+                    fileWriter.close();
+                }
+            } catch (Exception e) {
+                e.printStackTrace();
            }
        }
@@ -578,37 +600,27 @@ public class FileHelper {
    }
    public static void nioTransferCopy(File source, File target) {
-        FileChannel in = null;
+        try (
-        FileChannel out = null;
+                FileInputStream inStream = new FileInputStream(source);
-        FileInputStream inStream = null;
+                FileOutputStream outStream = new FileOutputStream(target);
-        FileOutputStream outStream = null;
+                FileChannel in = inStream.getChannel();
-        try {
+                FileChannel out = outStream.getChannel();
-            inStream = new FileInputStream(source);
+        ) {
-            outStream = new FileOutputStream(target);
-            in = inStream.getChannel();
-            out = outStream.getChannel();
            in.transferTo(0, in.size(), out);
        } catch (IOException e) {
            e.printStackTrace();
-        } finally {
-            close(inStream);
-            close(in);
-            close(outStream);
-            close(out);
        }
    }
    private static boolean nioBufferCopy(File source, File target) {
-        FileChannel in = null;
-        FileChannel out = null;
+        try (
-        FileInputStream inStream = null;
+                FileInputStream inStream = new FileInputStream(source);
-        FileOutputStream outStream = null;
+                FileOutputStream outStream = new FileOutputStream(target);
-        try {
+                FileChannel in = inStream.getChannel();
-            inStream = new FileInputStream(source);
+                FileChannel out = outStream.getChannel();
-            outStream = new FileOutputStream(target);
+        ) {
-            in = inStream.getChannel();
-            out = outStream.getChannel();
            ByteBuffer buffer = ByteBuffer.allocate(4096);
            while (in.read(buffer) != -1) {
                buffer.flip();
@@ -618,22 +630,16 @@ public class FileHelper {
        } catch (IOException e) {
            e.printStackTrace();
            return false;
-        } finally {
-            close(inStream);
-            close(in);
-            close(outStream);
-            close(out);
        }
        return true;
    }
    public static void customBufferStreamCopy(File source, File target) {
-        InputStream fis = null;
+        try (
-        OutputStream fos = null;
+                InputStream fis = new FileInputStream(source);
-        try {
+                OutputStream fos = new FileOutputStream(target);
-            fis = new FileInputStream(source);
+        ) {
-            fos = new FileOutputStream(target);
            byte[] buf = new byte[4096];
            int i;
            while ((i = fis.read(buf)) != -1) {
@@ -641,9 +647,6 @@ public class FileHelper {
            }
        } catch (Exception e) {
            e.printStackTrace();
-        } finally {
-            close(fis);
-            close(fos);
        }
    }
@@ -1190,36 +1193,28 @@ public class FileHelper {
     * @Title: getExcel
     * @Description: 下载指定路径的Excel文件
     */
-    public static void getExcel(String url, String fileName, HttpServletResponse response, HttpServletRequest request) {
+    public static void getExcel(String url, String fileName, HttpServletResponse response, HttpServletRequest request) throws UnsupportedEncodingException {
+        //1.设置文件ContentType类型，这样设置，会自动判断下载文件类型
-        try {
+        response.setContentType("multipart/form-data");
-            //1.设置文件ContentType类型，这样设置，会自动判断下载文件类型  
+        //2.设置文件头：最后一个参数是设置下载文件名
-            response.setContentType("multipart/form-data");
+        response.setHeader("Content-disposition", "attachment; filename=\""
+                + encodeChineseDownloadFileName(request, fileName + ".xls") + "\"");
-            //2.设置文件头：最后一个参数是设置下载文件名  
+//            response.setHeader("Content-Disposition", "attachment;filename="
-            response.setHeader("Content-disposition", "attachment; filename=\""
-                    + encodeChineseDownloadFileName(request, fileName + ".xls") + "\"");
-//            response.setHeader("Content-Disposition", "attachment;filename="  
 //                    + new String(fileName.getBytes("UTF-8"), "ISO-8859-1") + ".xls"); //中文文件名
-            //通过文件路径获得File对象
+        //通过文件路径获得File对象
-            File file = new File(url);
+        try (
+                FileInputStream in = new FileInputStream(new File(url));
-            FileInputStream in = new FileInputStream(file);
+                //3.通过response获取OutputStream对象(out)
-            //3.通过response获取OutputStream对象(out)  
+                OutputStream out = new BufferedOutputStream(response.getOutputStream());
-            OutputStream out = new BufferedOutputStream(response.getOutputStream());
+        ) {
            int b = 0;
            byte[] buffer = new byte[2048];
            while ((b = in.read(buffer)) != -1) {
                out.write(buffer, 0, b); //4.写到输出流(out)中
            }
-            in.close();
            out.flush();
-            out.close();
        } catch (IOException e) {
            log.error("下载Excel模板异常", e);
        }

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/FileUtils.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/FileUtils.java
@@ -79,33 +79,42 @@ public class FileUtils {
     * @return
     */
    public static String fileToZip(List<String> list, String fileName, String ipUrl) {
-        InputStream fis = null;
-        BufferedInputStream bis = null;
-        FileOutputStream fos = null;
-        ZipOutputStream zos = null;
        // 临时目录
        String path = System.getProperty("java.io.tmpdir") + fileName;
+        File zipFile = new File(path);
+        zipFile.deleteOnExit();
        try {
-            File zipFile = new File(path);
-            zipFile.deleteOnExit();
            zipFile.createNewFile();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+        try (
+                FileOutputStream fos = new FileOutputStream(zipFile);
+                BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(fos);
+                ZipOutputStream zos = new ZipOutputStream(bufferedOutputStream);
+        ) {
-            fos = new FileOutputStream(zipFile);
-            zos = new ZipOutputStream(new BufferedOutputStream(fos));
            byte[] bufs = new byte[1024 * 10];
            for (String a : list) {
-                fis = getInputStreamFromURL(ipUrl + a);
+                try (
+                        InputStream fis = getInputStreamFromURL(ipUrl + a)
-                String subFileName = new File(ipUrl + a).getName();
+                ) {
-                //创建ZIP实体，并添加进压缩包
+                    assert fis != null;
-                ZipEntry zipEntry = new ZipEntry(subFileName);
+                    try (BufferedInputStream bis = new BufferedInputStream(fis, 1024 * 10)
-                zos.putNextEntry(zipEntry);
+                    ) {
+                        String subFileName = new File(ipUrl + a).getName();
-                bis = new BufferedInputStream(fis, 1024 * 10);
+                        //创建ZIP实体，并添加进压缩包
-                int read = 0;
+                        ZipEntry zipEntry = new ZipEntry(subFileName);
-                while ((read = bis.read(bufs, 0, 1024 * 10)) != -1) {
+                        zos.putNextEntry(zipEntry);
-                    zos.write(bufs, 0, read);
+                        int read = 0;
+                        while ((read = bis.read(bufs, 0, 1024 * 10)) != -1) {
+                            zos.write(bufs, 0, read);
+                        }
+                    } catch (IOException e) {
+                        e.printStackTrace();
+                    }
+                } catch (IOException e) {
+                    e.printStackTrace();
                }
            }
            System.out.println("压缩成功");
@@ -115,18 +124,6 @@ public class FileUtils {
        } catch (IOException e) {
            e.printStackTrace();
            throw new RuntimeException(e);
-        } finally {
-            try {
-                if (null != bis) {
-                    bis.close();
-                }
-                if (null != zos) {
-                    zos.close();
-                }
-            } catch (IOException e) {
-                e.printStackTrace();
-                throw new RuntimeException(e);
-            }
        }
        return path;
    }

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/FileUtil.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/FileUtil.java
@@ -26,10 +26,15 @@ public class FileUtil {
        if (!targetFile.exists()) {
            targetFile.mkdirs();
        }
-        FileOutputStream out = new FileOutputStream(filePath + fileName);
+        try (
-        out.write(file);
+                FileOutputStream out = new FileOutputStream(filePath + fileName);
-        out.flush();
+        ) {
-        out.close();
+            out.write(file);
+            out.flush();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
    }
    /**

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/MyImageExtractor.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/MyImageExtractor.java
@@ -41,19 +41,11 @@ public class MyImageExtractor implements IImageExtractor {
 		imagePath = s1 + pre + s2;
 		File imageFile = new File(baseDir, imagePath);
 		imageFile.getParentFile().mkdirs();
-		InputStream in = null;
+		try (
-		OutputStream out = null;
+				InputStream in = new ByteArrayInputStream(imageData);
-		try {
+				OutputStream out = new FileOutputStream(imageFile);
-			in = new ByteArrayInputStream(imageData);
+		) {
-			out = new FileOutputStream(imageFile);
 			IOUtils.copy(in, out);
-		} finally {
-			if (in != null) {
-				IOUtils.closeQuietly(in);
-			}
-			if (out != null) {
-				IOUtils.closeQuietly(out);
-			}
 		}
 	}

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/WordConverterUtils.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/WordConverterUtils.java
@@ -77,7 +77,10 @@ public class WordConverterUtils {
 	 * @param readUrl    html中img标签的图片存储路径
 	 */
 	private static void docToHtml(File srcFile, File targetFile, String readUrl) {
-		try {
+		try (
+				FileInputStream inputStream = new FileInputStream(srcFile);
+				HWPFDocument wordDocument = new HWPFDocument(inputStream);
+		) {
 			String imagePathStr = srcFile.getParentFile().getAbsolutePath() + imgPath;
 			File imagePath = new File(imagePathStr);
 			if (!imagePath.exists()) {
@@ -85,13 +88,14 @@ public class WordConverterUtils {
 			}
 			String srcName = srcFile.getName();
 			String suffix = srcName.substring(0, srcName.lastIndexOf(".")) + "_";
-			HWPFDocument wordDocument = new HWPFDocument(new FileInputStream(srcFile));
 			org.w3c.dom.Document document = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
 			WordToHtmlConverter wordToHtmlConverter = new WordToHtmlConverter(document);
 			String uri = readUrl + imagePathStr.substring(imagePathStr.indexOf("docs"));
 			wordToHtmlConverter.setPicturesManager((content, pictureType, name, width, height) -> {
-				try {
+				try (
-					FileOutputStream out = new FileOutputStream(imagePathStr + suffix + name);
+						FileOutputStream out = new FileOutputStream(imagePathStr + suffix + name);
+				) {
 					out.write(content);
 					return uri + suffix + name;
 				} catch (Exception e) {
@@ -122,7 +126,10 @@ public class WordConverterUtils {
 	 * @return
 	 */
 	private static String docToHtmlString(File srcFile, String readUrl) {
-		try {
+		try (
+				FileInputStream inputStream = new FileInputStream(srcFile);
+				HWPFDocument wordDocument = new HWPFDocument(inputStream);
+				) {
 			String imagePathStr = srcFile.getParentFile().getAbsolutePath() + imgPath;
 			File imagePath = new File(imagePathStr);
 			if (!imagePath.exists()) {
@@ -130,7 +137,6 @@ public class WordConverterUtils {
 			}
 			String srcName = srcFile.getName();
 			String suffix = srcName.substring(0, srcName.lastIndexOf(".")) + "_";
-			HWPFDocument wordDocument = new HWPFDocument(new FileInputStream(srcFile));
 			org.w3c.dom.Document document = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
 			WordToHtmlConverter wordToHtmlConverter = new WordToHtmlConverter(document);
 			String uri = readUrl + imagePathStr.substring(imagePathStr.indexOf("docs"));
@@ -156,7 +162,6 @@ public class WordConverterUtils {
 			serializer.setOutputProperty(OutputKeys.METHOD, "html");
 			serializer.transform(domSource, streamResult);
 			return stringWriter.toString();
 		} catch (Exception e) {
 			e.printStackTrace();
 		}
@@ -180,30 +185,22 @@ public class WordConverterUtils {
 		}
 		String temp = srcFile.getName();
 		String suffix = temp.substring(0, temp.lastIndexOf(".")) + "_";
-		OutputStreamWriter outputStreamWriter = null;
+		try (
-		try {
+				FileInputStream inputStream = new FileInputStream(srcFile);
-			XWPFDocument document = new XWPFDocument(new FileInputStream(srcFile));
+				XWPFDocument document = new XWPFDocument(inputStream);
+				FileOutputStream fileOutputStream = new FileOutputStream(targetFile);
+				OutputStreamWriter outputStreamWriter = new OutputStreamWriter(fileOutputStream, "utf-8");
+		) {
 			XHTMLOptions options = XHTMLOptions.create();
 			options.setExtractor(new MyImageExtractor(imagePath, suffix));
 			String uri = readUrl + imagePathStr.substring(imagePathStr.indexOf("docs"));
 			System.out.println("uri :" + uri);
 			options.URIResolver(new MyURIResolver(uri));
-			outputStreamWriter = new OutputStreamWriter(new FileOutputStream(targetFile), "utf-8");
 			XHTMLConverter xhtmlConverter = (XHTMLConverter) XHTMLConverter.getInstance();
 			xhtmlConverter.convert(document, outputStreamWriter, options);
 		} catch (Exception e) {
 			e.printStackTrace();
-		} finally {
-			try {
-				if (outputStreamWriter != null) {
-					outputStreamWriter.close();
-				}
-			} catch (Exception e2) {
-				e2.printStackTrace();
-			}
 		}
 	}
 	/**
@@ -220,9 +217,11 @@ public class WordConverterUtils {
 		}
 		String temp = srcFile.getName();
 		String suffix = temp.substring(0, temp.lastIndexOf(".")) + "_";
-		OutputStreamWriter outputStreamWriter = null;
+		try (
-		try {
+				FileInputStream inputStream = new FileInputStream(srcFile);
-			XWPFDocument document = new XWPFDocument(new FileInputStream(srcFile));
+				XWPFDocument document = new XWPFDocument(inputStream);
+				)
+		{
 			XHTMLOptions options = XHTMLOptions.create();
 			options.setExtractor(new MyImageExtractor(imagePath, suffix));
 			String uri = readUrl + imagePathStr.substring(imagePathStr.indexOf("docs"));
@@ -234,15 +233,6 @@ public class WordConverterUtils {
 			return stringWriter.toString();
 		} catch (Exception e) {
 			e.printStackTrace();
-		} finally {
-			try {
-				if (outputStreamWriter != null) {
-					outputStreamWriter.close();
-				}
-			} catch (Exception e2) {
-				e2.printStackTrace();
-			}
 		}
 		return null;