feat: 增加参数的长度校验, 禁用容器内部网络，修复代码中包含反引号的错误

server/src/docker/index.ts

@@ -120,10 +120,10 @@ export async function run2(params: {
   const wrapCode = '\n' + prefix + decodeURI(code) + '\n' + 'EOF' + '\n';
   const wrapStdin = '\n' + decodeURI(stdin || '') + '\n' + 'EOF' + '\n';
 
-  let bashCmd = `cat > code.${fileSuffix} << EOF ${wrapCode}`;
+  let bashCmd = `cat > code.${fileSuffix} << 'EOF' ${wrapCode}`;
 
   if (type === CodeType.java) {
-    bashCmd = `cat > Code.${fileSuffix} << EOF ${wrapCode}`;
+    bashCmd = `cat > Code.${fileSuffix} << 'EOF' ${wrapCode}`;
   }
 
   if (stdin) {
@@ -141,6 +141,7 @@ export async function run2(params: {
         StopTimeout: 6,
         Tty: true,
         AttachStdout: true,
+        NetworkDisabled: true,
       },
       function (_err, container?: Container) {
         if (_err) reject(_err);

server/src/routes/code.ts

@@ -10,8 +10,14 @@ export enum RunCodeStatus {
   error = 2,
 }
 
+interface IRunRequest {
+  stdin?: string;
+  code?: string;
+  type?: CodeType;
+}
+
 router.post('/run', async (ctx) => {
-  const body = ctx.request.body ?? {};
+  const body = (ctx.request.body as IRunRequest) ?? {};
 
   const { code, type, stdin = '' } = body;
 
@@ -24,11 +30,16 @@ router.post('/run', async (ctx) => {
     return;
   }
 
+  if (code.length > 500000 || stdin.length > 500000) {
+    ctx.throw(400, '参数太长了!');
+    return;
+  }
+
   try {
     const output = await docker.run2({
-      type: type as CodeType,
+      type,
       code,
-      stdin: stdin as string,
+      stdin,
     });
     ctx.body = {
       code: 0,