fix: 修复潜在数组越界的问题

update: 完善一下 ipapicom
Merge pull request #20 from tsosunchia/main
2025-08-12 06:26:39 +00:00 · 2022-05-27 17:19:58 +08:00 · 2022-05-27 17:18:31 +08:00 · 2022-05-27 13:11:26 +08:00 · 2022-05-27 13:09:06 +08:00 · 2022-05-27 11:14:31 +08:00
6 changed files with 108 additions and 49 deletions
--- a/ipgeo/ipapicom.go
+++ b/ipgeo/ipapicom.go
@@ -0,0 +1,43 @@
+package ipgeo
+
+import (
+	"errors"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"regexp"
+	"time"
+
+	"github.com/tidwall/gjson"
+)
+
+func IPApiCom(ip string) (*IPGeoData, error) {
+	url := "http://ip-api.com/json/" + ip + "?fields=status,message,country,regionName,city,isp,as"
+	client := &http.Client{
+		// 2 秒超时
+		Timeout: 2 * time.Second,
+	}
+	req, _ := http.NewRequest("GET", url, nil)
+	req.Header.Set("User-Agent", "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0")
+	content, err := client.Do(req)
+	if err != nil {
+		log.Println("ip-api.com 请求超时(2s)，请切换其他API使用")
+		return nil, err
+	}
+	body, _ := ioutil.ReadAll(content.Body)
+	res := gjson.ParseBytes(body)
+
+	if res.Get("status").String() != "success" {
+		return &IPGeoData{}, errors.New("超过API阈值")
+	}
+
+	re := regexp.MustCompile("[0-9]+")
+
+	return &IPGeoData{
+		Asnumber: re.FindString(res.Get("as").String()),
+		Country:  res.Get("country").String(),
+		City:     res.Get("city").String(),
+		Prov:     res.Get("regionName").String(),
+		Isp:      res.Get("isp").String(),
+	}, nil
+}
--- a/ipgeo/ipgeo.go
+++ b/ipgeo/ipgeo.go
@@ -24,6 +24,8 @@ func GetSource(s string) Source {
 		return IPSB
 	case "IPINSIGHT":
 		return IPInSight
+	case "IPAPI.COM":
+		return IPApiCom
 	default:
 		return nil
 	}
--- a/ipgeo/ipgeo_test.go
+++ b/ipgeo/ipgeo_test.go
@@ -41,3 +41,12 @@ func TestIPInSight(t *testing.T) {
 	// 这个库有时候不提供城市信息，返回值为""
 	//assert.NotEmpty(t, res.City)
 }
+
+func TestIPApiCom(t *testing.T) {
+	res, err := IPApiCom("1.1.1.1")
+	assert.Nil(t, err)
+	assert.NotNil(t, res)
+	assert.NotEmpty(t, res.Country)
+	assert.NotEmpty(t, res.City)
+	assert.NotEmpty(t, res.Prov)
+}
--- a/main.go
+++ b/main.go
@@ -30,7 +30,7 @@ var tablePrint = fSet.Bool("table", false, "Output trace results as table")
 var ver = fSet.Bool("V", false, "Check Version")

 func printArgHelp() {
-	fmt.Println("\nArgs Error\nUsage : 'nexttrace [option...] <hostname>' or 'nexttrace <hostname> [option...]'\nOPTIONS: [-VTU] [-d DATAORIGIN.STR ] [ -m TTL ] [ -p PORT ] [ -q PROBES.COUNT ] [ -r PARALLELREQUESTS.COUNT ] [-rdns] [ -realtime | -table ] -report")
+	fmt.Println("\nArgs Error\nUsage : 'nexttrace [option...] HOSTNAME' or 'nexttrace HOSTNAME [option...]'\nOPTIONS: [-VTU] [-d DATAORIGIN.STR ] [ -m TTL ] [ -p PORT ] [ -q PROBES.COUNT ] [ -r PARALLELREQUESTS.COUNT ] [-rdns] [ -realtime | -table ] -report")
 	fSet.PrintDefaults()
 	os.Exit(2)
 }
--- a/nt_install.sh
+++ b/nt_install.sh
@@ -9,18 +9,16 @@ fi

 usrPath="/usr/local/bin"

-function red(){
+function red() {
    echo -e "\e[1;31m$1\e[0m"
 }

 checkRootPermit() {
    [[ $EUID -ne 0 ]] && red "请使用sudo/root权限运行本脚本" && exit 1
 }
-ask_if()
-{
+ask_if() {
    local choice=""
-    while [ "$choice" != "y" ] && [ "$choice" != "n" ]
-    do
+    while [ "$choice" != "y" ] && [ "$choice" != "n" ]; do
        red $1
        read choice
    done
@@ -28,13 +26,11 @@ ask_if()
    return 1
 }
 #检查脚本更新
-check_script_update()
-{
+check_script_update() {
    [ "$(md5sum "${BASH_SOURCE[0]}" | awk '{print $1}')" == "$(md5sum <(curl -sL "https://github.com/xgadget-lab/nexttrace/raw/main/nt_install.sh") | awk '{print $1}')" ] && return 1 || return 0
 }
 #更新脚本
-update_script()
-{
+update_script() {
    if curl -sL -o "${BASH_SOURCE[0]}" "https://github.com/xgadget-lab/nexttrace/raw/main/nt_install.sh" || curl -sL -o "${BASH_SOURCE[0]}" "https://github.com/xgadget-lab/nexttrace/raw/main/nt_install.sh"; then
        red "脚本更新完成，正在重启脚本..."
        exec bash ${BASH_SOURCE[0]} --auto
@@ -43,8 +39,7 @@ update_script()
        exit 1
    fi
 }
-ask_update_script()
-{
+ask_update_script() {
    if check_script_update; then
        red "脚本可升级"
        [[ $auto == True ]] && update_script
@@ -56,16 +51,16 @@ ask_update_script()
 checkSystemArch() {
    arch=$(uname -m)
    case $arch in
-      'x86_64')
+    'x86_64')
        archParam='amd64'
        ;;
-      'mips')
+    'mips')
        archParam='mips'
        ;;
-      'arm64'|'aarch64')
+    'arm64' | 'aarch64')
        archParam="arm64"
        ;;
-      *)
+    *)
        red "未知的系统架构，请联系开发者."
        exit 1
        ;;
@@ -96,43 +91,44 @@ getLocation() {

 checkPackageManger() {
    if [[ "$(which brew)" ]]; then #务必将brew置于第一位,macOS的apt是假的
-    brew update
-      PACKAGE_MANAGEMENT_INSTALL='brew install'
-      PACKAGE_MANAGEMENT_REMOVE='brew uninstall'
+        # brew update
+        PACKAGE_MANAGEMENT_INSTALL='brew install'
+        PACKAGE_MANAGEMENT_REMOVE='brew uninstall'
    elif [[ "$(which apt)" ]]; then
-       apt-get update
-      PACKAGE_MANAGEMENT_INSTALL='apt-get -y --no-install-recommends install'
-      PACKAGE_MANAGEMENT_REMOVE='apt-get purge'
+        apt-get update
+        PACKAGE_MANAGEMENT_INSTALL='apt-get -y --no-install-recommends install'
+        PACKAGE_MANAGEMENT_REMOVE='apt-get purge'
    elif [[ "$(which dnf)" ]]; then
-    dnf check-update
-      PACKAGE_MANAGEMENT_INSTALL='dnf -y install'
-      PACKAGE_MANAGEMENT_REMOVE='dnf remove'
+        dnf check-update
+        PACKAGE_MANAGEMENT_INSTALL='dnf -y install'
+        PACKAGE_MANAGEMENT_REMOVE='dnf remove'
    elif [[ "$(which yum)" ]]; then
-      PACKAGE_MANAGEMENT_INSTALL='yum -y install'
-      PACKAGE_MANAGEMENT_REMOVE='yum remove'
+        PACKAGE_MANAGEMENT_INSTALL='yum -y install'
+        PACKAGE_MANAGEMENT_REMOVE='yum remove'
    elif [[ "$(which zypper)" ]]; then
-    zypper refresh
-      PACKAGE_MANAGEMENT_INSTALL='zypper install -y --no-recommends'
-      PACKAGE_MANAGEMENT_REMOVE='zypper remove'
+        zypper refresh
+        PACKAGE_MANAGEMENT_INSTALL='zypper install -y --no-recommends'
+        PACKAGE_MANAGEMENT_REMOVE='zypper remove'
    elif [[ "$(which pacman)" ]]; then
-      PACKAGE_MANAGEMENT_INSTALL='pacman -Syu --noconfirm'
-      PACKAGE_MANAGEMENT_REMOVE='pacman -Rsn'
+        PACKAGE_MANAGEMENT_INSTALL='pacman -Syu --noconfirm'
+        PACKAGE_MANAGEMENT_REMOVE='pacman -Rsn'
    else
-      red "error: The script does not support the package manager in this operating system."
-      exit 1
+        red "error: The script does not support the package manager in this operating system."
+        exit 1
    fi
 }

 install_software() {
-  package_name="$1"
-  which "$package_name" > /dev/null 2>&1 && return
-  red "${package_name} 正在安装中...(此步骤时间可能较长，请耐心等待)"
-  if ${PACKAGE_MANAGEMENT_INSTALL} "$package_name"; then
-    red "info: $package_name is installed."
-  else
-    red "error: Installation of $package_name failed, please check your network."
-    exit 1
-  fi
+    package_name="$1"
+    which "$package_name" >/dev/null 2>&1 && return
+    [[ ${osDistribution} == "darwin" ]] && echo -e "由于macOS brew的权限限制，请以非root权限执行下面一行提示的命令后再次运行本脚本(注意不要在该命令加sudo!):\nbrew update && ${PACKAGE_MANAGEMENT_INSTALL} $package_name " && exit 0
+    red "${package_name} 正在安装中...(此步骤时间可能较长，请耐心等待)"
+    if ${PACKAGE_MANAGEMENT_INSTALL} "$package_name"; then
+        red "info: $package_name is installed."
+    else
+        red "error: Installation of $package_name failed, please check your network."
+        exit 1
+    fi
 }

 checkVersion() {
@@ -146,7 +142,7 @@ checkVersion() {
        red "获取版本失败，请检查网络连接"
        exit 1
    fi
-    currentVersion=$(nexttrace -V | head -n 1 | awk '{print $2}') &> /dev/null
+    currentVersion=$(nexttrace -V | head -n 1 | awk '{print $2}') &>/dev/null
    if [[ $currentVersion == $version ]]; then
        red "当前版本已是最新版本"
        exit 0
@@ -174,9 +170,9 @@ checkVersion() {
 downloadBinrayFile() {
    red "正在获取最新版的 NextTrace 发行版文件信息..."
    # 简单说明一下，Github提供了一个API，可以获取最新发行版本的二进制文件下载地址（对应的是browser_download_url），根据刚刚测得的osDistribution、archParam，获取对应的下载地址
-        # red nexttrace_${osDistribution}_${archParam}
-        latestURL=$(curl -s https://api.github.com/repos/xgadget-lab/nexttrace/releases/latest | jq ".assets[] | select(.name == \"nexttrace_${osDistribution}_${archParam}\") | .browser_download_url")
-        latestURL=${latestURL:1:-1}
+    # red nexttrace_${osDistribution}_${archParam}
+    latestURL=$(curl -s https://api.github.com/repos/xgadget-lab/nexttrace/releases/latest | jq ".assets[] | select(.name == \"nexttrace_${osDistribution}_${archParam}\") | .browser_download_url")
+    latestURL=${latestURL:1:-1}
    if [ "$countryCode" == "CN" ]; then
        if [[ $auto == True ]]; then
            latestURL="https://ghproxy.com/"$latestURL
--- a/reporter/reporter.go
+++ b/reporter/reporter.go
@@ -130,7 +130,16 @@ func (r *reporter) InitialBaseData() Reporter {
 func (r *reporter) Print() {
 	var beforeActiveTTL uint16 = 0
 	r.InitialBaseData()
-	for i := uint16(1); i < r.targetTTL; i++ {
+	// 尝试首个有效 TTL
+	for i := uint16(0); i < r.targetTTL; i++ {
+		if len(r.routeReport[i]) != 0 {
+			beforeActiveTTL = i
+			// 找到以后便不再循环
+			break
+		}
+	}
+
+	for i := beforeActiveTTL; i < r.targetTTL; i++ {
 		// 计算该TTL内的数据长度，如果为0，则代表没有有效数据
 		if len(r.routeReport[i]) == 0 {
 			// 跳过改跃点的数据整理
@@ -138,7 +147,7 @@ func (r *reporter) Print() {
 		}
 		nodeReport := r.routeReport[i][0]

-		if i == 1 {
+		if i == beforeActiveTTL {
 			fmt.Printf("AS%s %s「%s『%s", nodeReport.asn, nodeReport.isp, nodeReport.geo[0], nodeReport.geo[1])
 		} else {
 			nodeReportBefore := r.routeReport[beforeActiveTTL][0]
Author	SHA1	Message	Date
sjlleo	9656dfe172	fix: 修复潜在数组越界的问题	2022-05-27 17:19:58 +08:00
sjlleo	84c48dae99	update: 完善一下 ipapicom	2022-05-27 17:18:31 +08:00
tsosunchia	4eaac372f6	Merge pull request #20 from tsosunchia/main add ip-api.com API	2022-05-27 13:11:26 +08:00
tsosunchia	c92d8a5172	add ip-api.com API	2022-05-27 13:09:06 +08:00
tsosunchia	acab410d4c	Update nt_install.sh	2022-05-27 11:14:31 +08:00
tsosunchia	858555fd86	Merge pull request #19 from tsosunchia/main update nt_install.sh 修正在macOS下可能出现的问题	2022-05-27 11:12:14 +08:00
tsosunchia	31e419b199	update nt_install.sh 修正在macOS下可能出现的问题	2022-05-27 11:11:51 +08:00