Merge pull request #111 from sakuradairong/optimize-script

[优化] 代码清理 安全加固:修复竞态条件、空参数漏洞、兼容性修复
This commit is contained in:
YAWAsau
2026-05-09 12:43:06 +08:00
committed by GitHub
2 changed files with 52 additions and 35 deletions

View File

@@ -1,9 +1,16 @@
#!/system/bin/sh
if [ -f "${0%/*}/tools/tools.sh" ]; then
MODDIR="${0%/*}"
conf_path="${0%/*}/backup_settings.conf"
[ ! -f "${0%/*}/backup_settings.conf" ] && . "${0%/*}/tools/tools.sh"
else
echo "${0%/*}/tools/tools.sh遺失"
if [ ! -f "${0%/*}/tools/tools.sh" ]; then
echo "${0%/*}/tools/tools.sh遺失"
exit 1
fi
MODDIR="${0%/*}"
conf_path="${0%/*}/backup_settings.conf"
# 若配置文件不存在,啟動腳本自動生成默認配置後退出
if [ ! -f "$conf_path" ]; then
. "${0%/*}/tools/tools.sh"
exit 0
fi
. "${0%/*}/tools/tools.sh" | tee "${0%/*}/log_$(date +%Y-%m-%d_%H-%M).txt"

View File

@@ -315,7 +315,17 @@ export TZ=Asia/Taipei
ln -fs "$tools_path/classes.dex" "$filepath/classes.dex"
export CLASSPATH="$filepath/classes.dex"
quit=0
while read -r file expected_hash; do
cat <<EOF | while read -r file expected_hash; do
zstd 9ef4b54148699c9874cfd45aaf38e5cc950e5d168afdcf2edf58a2463f5561ed
tar 882639ac310a7eb4052c68c21cea02633307700f9cc8c7c469c2dd18d734a112
classes.dex 63934f7d15de40f4b188672e36fe22a01b55abb235becee2c2738f29aaf8299b
bc b15d730591f6fb52af59284b87d939c5bea204f944405a3518224d8df788dc15
busybox 4d60ab3f5a59ebb2ca863f2f514e6924401b581e9b64f602665c008177626651
find 7fa812e58aafa29679cf8b50fc617ecf9fec2cfb2e06ea491e0a2d6bf79b903b
jq 6bc62f25981328edd3cfcfe6fe51b073f2d7e7710d7ef7fcdac28d4e384fc3d4
keycheck 50645ee0e0d2a7d64fb4a1286446df7a4445f3d11aefd49eeeb88515b314c363
cmd 08da8ac23b6e99788fd3ce6c19c7b5a083b2ad48be35963a48d01d6ee7f3bb6d
EOF
if [[ -f $tools_path/$file ]]; then
computed_hash="$(sha256sum "$tools_path/$file" | awk '{print $1}')"
if [[ $computed_hash = $expected_hash ]]; then
@@ -330,17 +340,7 @@ while read -r file expected_hash; do
quit=1
break
fi
done <<< "$(cat <<EOF
zstd 9ef4b54148699c9874cfd45aaf38e5cc950e5d168afdcf2edf58a2463f5561ed
tar 882639ac310a7eb4052c68c21cea02633307700f9cc8c7c469c2dd18d734a112
classes.dex 63934f7d15de40f4b188672e36fe22a01b55abb235becee2c2738f29aaf8299b
bc b15d730591f6fb52af59284b87d939c5bea204f944405a3518224d8df788dc15
busybox 4d60ab3f5a59ebb2ca863f2f514e6924401b581e9b64f602665c008177626651
find 7fa812e58aafa29679cf8b50fc617ecf9fec2cfb2e06ea491e0a2d6bf79b903b
jq 6bc62f25981328edd3cfcfe6fe51b073f2d7e7710d7ef7fcdac28d4e384fc3d4
keycheck 50645ee0e0d2a7d64fb4a1286446df7a4445f3d11aefd49eeeb88515b314c363
cmd 08da8ac23b6e99788fd3ce6c19c7b5a083b2ad48be35963a48d01d6ee7f3bb6d
EOF)"
done
if [[ $background_execution = 1 || $setDisplayPowerMode = 1 ]]; then
alias notification="app_process /system/bin com.xayah.dex.NotificationUtil notify -t 'SpeedBackup' "$@""
else
@@ -436,20 +436,30 @@ echo_log() {
fi
}
kill_Serve() {
LOCK_FILE="/tmp/my_backup.lock"
if [[ -f $LOCK_FILE ]]; then
OLD_PID="$(cat "$LOCK_FILE")"
if kill -0 "$OLD_PID" 2>/dev/null; then
echo "發現先前的備份程序 (PID=$OLD_PID),將其終止"
kill -KILL "$OLD_PID"
echo "結束自身,避免重複執行"
exit 1
local LOCK_DIR="/data/local/tmp/.backup_lock"
local MY_PID="$$"
# 使用 mkdir 作為原子鎖操作,避免 TOCTOU 競態條件
if ! mkdir "$LOCK_DIR" 2>/dev/null; then
if [[ -f $LOCK_DIR/pid ]]; then
OLD_PID="$(cat "$LOCK_DIR/pid")"
if kill -0 "$OLD_PID" 2>/dev/null; then
echo "發現先前的備份程序 (PID=$OLD_PID),將其終止"
kill -KILL "$OLD_PID"
echo "結束自身,避免重複執行"
exit 1
else
echo "發現 lock 但程序已不存在,視為殘留 lock"
rm -rf "$LOCK_DIR"
mkdir "$LOCK_DIR" 2>/dev/null || exit 1
fi
else
echo "發現 lock 檔但程序已不存在,視為殘留 lock"
rm -rf "$LOCK_DIR"
mkdir "$LOCK_DIR" 2>/dev/null || exit 1
fi
fi
echo $$ > "$LOCK_FILE"
trap "rm -f '$LOCK_FILE'" EXIT
echo "$MY_PID" > "$LOCK_DIR/pid"
trap "rm -rf '$LOCK_DIR'" EXIT
}
echo $$
kill_Serve
@@ -642,11 +652,13 @@ alias Set_Ops="app_process /system/bin com.xayah.dex.HiddenApiUtil setOpsMode $U
alias setDisplay="app_process /system/bin com.xayah.dex.HiddenApiUtil setDisplayPowerMode $@"
find_tools_path="$(find "$path_hierarchy"/* -maxdepth 1 -name "tools" -type d ! -path "$path_hierarchy/tools")"
backup_wifi() {
[[ ! -d $1 ]] && mkdir -p "$1"
if [[ -d $1 ]]; then
local wifi_dir="$1"
[[ -z $wifi_dir ]] && echoRgb "backup_wifi: 目錄參數為空" "0" && return 1
[[ ! -d $wifi_dir ]] && mkdir -p "$wifi_dir"
if [[ -d $wifi_dir ]]; then
echoRgb "備份wifi密碼"
rm -rf "$1"/*
app_process /system/bin com.xayah.dex.NetworkUtil saveNetworks>"$1/wifi.json"
rm -rf "${wifi_dir:?}"/*
app_process /system/bin com.xayah.dex.NetworkUtil saveNetworks>"$wifi_dir/wifi.json"
echo_log "wifi備份"
fi
}
@@ -1897,7 +1909,6 @@ backup() {
txt_path="$txt"
[[ ! -f $txt ]] && echoRgb "請執行start.sh獲取應用列表再來備份" "0" && exit 1
TXT_NAME="${txt##*/}"
echo "${TXT_NAME##*.}"
case ${TXT_NAME##*.} in
txt) ;;
*) echoRgb "$txt不是腳本讀取格式" "0" && exit 2 ;;
@@ -1968,7 +1979,6 @@ backup() {
fi
[[ $backup_media = false ]] && echoRgb "當前$MODDIR_NAME/backup_settings.conf的\n -backup_media=0將不備份自定義資料夾" "0"
txt2="$Backup/appList.txt"
#txt2="${txt2/'/storage/emulated/'/'/data/media/'}"
txt_path2="$txt2"
[[ ! -f $txt2 ]] && echo "#不需要恢復還原的應用請在開頭使用#注釋 比如:#酷安 com.coolapk.market">"$txt2"
txt2="$(cat "$txt2")"