package golang
import (
"fmt"
"github.com/ziutek/mymysql/mysql"
_ "github.com/ziutek/mymysql/thrsafe"
//"log"
"net/http"
"os"
"os/exec"
"runtime"
"strconv"
"time"
)
// c carries one completion signal per scanApk goroutine; scanDir receives
// from it to wait for the scans it started.
// NOTE(review): c is package-level and unbuffered, so overlapping scanDir
// calls (for example two concurrent /scan requests) share the same signals.
var c = make(chan int)
// msg holds the most recent error text passed to ErrorLine.
// NOTE(review): it is assigned from scanDir and from scanApk goroutines
// without synchronization, which is a data race under concurrent scans.
var msg string
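// scanDir starts one scanApk goroutine for every non-directory entry found
// directly inside d (subdirectories are skipped, not recursed into) and then
// waits until it has received one completion signal on c per goroutine.
//
// Errors opening or listing d are reported through ErrorLine and the function
// returns without scanning.
//
// NOTE(review): every goroutine receives the same w, and writes to an
// http.ResponseWriter from several goroutines are not synchronized here.
// NOTE(review): the number of goroutines (and therefore of run.sh processes)
// equals the number of files in d; nothing bounds it.
// NOTE(review): c is shared package state, so two scanDir calls running at
// the same time can consume each other's completion signals.
func scanDir(w http.ResponseWriter, d string) {
	dir, err := os.Open(d)
	if err != nil {
		// Report and return rather than panic, so a bad directory does not
		// take the whole server down.
		msg = "打开目录失败"
		ErrorLine(msg)
		return
	}
	defer dir.Close()

	// Read the complete directory listing in one call.
	fis, err := dir.Readdir(0)
	if err != nil {
		// Same policy as above: report and return instead of panicking.
		msg = "读取目录失败"
		ErrorLine(msg)
		return
	}

	db := mysqlInit()
	// Release the connection on every exit path, including a panic raised
	// while the scans are being started or awaited.
	defer db.Close()

	// NOTE(review): this changes a process-wide runtime setting on every call.
	runtime.GOMAXPROCS(4)

	started := 0
	for _, fi := range fis {
		fmt.Println(time.Now().String() + fi.Name())
		if fi.IsDir() {
			// Directories are skipped; the scan is not recursive.
			RightLine()
			continue
		}
		fullPath := d + "/" + fi.Name()
		started++
		RightLine()
		go scanApk(w, db, fullPath)
	}

	// Wait for one signal per goroutine started above.
	// NOTE(review): this blocks forever if any goroutine exits without
	// sending on c.
	for m := 0; m < started; m++ {
		RightLine()
		<-c
	}
}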
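// queryByPath looks up the most recent risks_check_history row whose apk
// column equals pt and writes its full_result column to w under a header
// line naming pt.
//
// Query errors are handled by checkedResult (via checkError). If no row
// matches, nothing is written.
func queryByPath(w http.ResponseWriter, db mysql.Conn, pt string) {
	// db.Query formats its SQL text with the supplied parameters, so pt lands
	// inside a quoted SQL literal. pt is built from a file name on disk and
	// must be escaped before it is interpolated; otherwise a quote character
	// in an APK file name changes the statement. A prepared statement with a
	// bound parameter would be the stronger long-term option.
	rows, res := checkedResult(db.Query(
		"select full_result from risks_check_history where apk='%s' ORDER BY id DESC Limit 1",
		db.Escape(pt),
	))
	fullResult := res.Map("full_result")
	for _, row := range rows {
		fmt.Fprintf(w,
			"------[ %s 包含以下风险]---------\n%s\n",
			pt,
			row.Str(fullResult),
		)
		RightLine()
	}
}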
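// scanApk runs /var/www/deployment/run.sh on the file at pt and, when the
// script succeeds, writes the newest stored result for pt to w through
// queryByPath.
//
// It is meant to run as a goroutine and sends exactly one value on c when it
// finishes, whether or not the script succeeded.
func scanApk(w http.ResponseWriter, db mysql.Conn, pt string) {
	// Signal completion on every exit path. Previously the error branch
	// returned before the send, leaving the receiver waiting for a signal
	// that never arrived.
	defer func() { c <- 1 }()

	// Hand pt to the script as a single argument instead of splicing it into
	// an "sh -c" command line. pt contains a file name taken from the scan
	// directory, and shell metacharacters or spaces in that name would
	// otherwise be interpreted by the shell.
	// NOTE(review): executing the script directly relies on run.sh being
	// executable and starting with an interpreter line; confirm on the
	// deployment host. run.sh itself should also quote its "$1".
	err := exec.Command("/var/www/deployment/run.sh", pt).Run()
	if err != nil {
		// NOTE(review): msg is package-level and written here from several
		// goroutines at once without synchronization.
		msg = "执行run.sh错误"
		ErrorLine(msg)
		// Return instead of calling log.Fatal, which would end the whole
		// process through os.Exit(1).
		fmt.Println(time.Now().String() + "scanApk函数检查出致命错误")
		return
	}
	queryByPath(w, db, pt)
	RightLine()
}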
// checkedResult adapts a (rows, result, error) triple, as returned by
// db.Query, to a two-value result. It hands err to checkError and then
// passes rows and res through unchanged.
func checkedResult(rows []mysql.Row, res mysql.Result, err error) ([]mysql.Row, mysql.Result) {
	RightLine()

	// Error handling is delegated entirely to checkError.
	checkError(err)

	return rows, res
}
// mysqlInit opens a connection to the apk_risk database over TCP on
// 127.0.0.1:3306 and returns it. A connection failure is passed to
// checkError.
//
// NOTE(review): the account name and password are compiled into the binary
// and are identical to each other; consider loading them from configuration
// outside the source tree and giving this account read-only access to the
// tables it queries.
func mysqlInit() mysql.Conn {
	const (
		// A unix socket is the alternative transport:
		//   network  = "unix"
		//   endpoint = "/var/run/mysqld/mysqld.sock"
		network  = "tcp"
		endpoint = "127.0.0.1:3306"

		account = "apk"
		secret  = "apk"
		schema  = "apk_risk"
	)

	conn := mysql.New(network, "", endpoint, account, secret, schema)
	RightLine()
	checkError(conn.Connect())
	RightLine()
	return conn
}
// handlerScan serves the /scan endpoint by scanning the fixed directory
// /data/ad/scan and streaming the results to the response. The request
// itself is not inspected.
//
// NOTE(review): no authentication or method check is applied, and each
// request starts one external process per file in the directory, so any
// client that can reach the port can trigger a full scan repeatedly.
func handlerScan(w http.ResponseWriter, r *http.Request) {
	const scanRoot = "/data/ad/scan"

	RightLine()
	scanDir(w, scanRoot)
}
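// main registers the /scan handler on the default mux and serves HTTP on
// port 999 on all interfaces.
//
// NOTE(review): port 999 is below 1024 and normally requires elevated
// privileges to bind; the server also runs without read/write timeouts and
// without TLS. Consider binding to a loopback or internal address if the
// endpoint is not meant to be public.
func main() {
	http.HandleFunc("/scan", handlerScan)
	RightLine()

	// ListenAndServe only returns on failure (for example when the port
	// cannot be bound). Report it instead of exiting silently.
	if err := http.ListenAndServe(":999", nil); err != nil {
		fmt.Fprintln(os.Stderr, "http.ListenAndServe:", err)
		os.Exit(1)
	}
}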