fix: preload.ts sendSendMsgResult 安全问题

src/common/channels.ts

@@ -1,4 +1,5 @@
 export const CHANNEL_SEND_MSG = "llonebot_send_msg"
+export const CHANNEL_SEND_BACK_MSG = "llonebot_send_back_msg"
 export const CHANNEL_RECALL_MSG = "llonebot_recall_msg"
 export const CHANNEL_GET_CONFIG = "llonebot_get_config"
 export const CHANNEL_SET_CONFIG = "llonebot_set_config"

src/common/types.ts

@@ -136,7 +136,6 @@ export interface PostDataSendMsg {
     user_id: string,
     group_id: string,
     message?: OB11MessageData[];
-    ipc_uuid?: string
 }
 
 export interface Config {

src/global.d.ts

@@ -8,6 +8,7 @@ import {
     SelfInfo,
     User
 } from "./common/types";
+import { SendIPCMsgSession } from "./main/ipcsend";
 
 
 import {OB11Return, OB11MessageData, OB11SendMsgReturn} from "./onebot11/types";
@@ -36,7 +37,7 @@ declare var LLAPI: {
 
 declare var llonebot: {
     postData: (data: any) => void
-    listenSendMessage: (handle: (msg: PostDataSendMsg) => void) => void
+    listenSendMessage: (handle: (msg: SendIPCMsgSession<PostDataSendMsg>) => void) => void
     listenRecallMessage: (handle: (msg: {message_id: string}) => void) => void
     updateGroups: (groups: Group[]) => void
     updateFriends: (friends: User[]) => void

src/main/ipcsend.ts

@@ -1,6 +1,6 @@
 import {ipcMain, webContents} from 'electron';
 import {PostDataSendMsg} from "../common/types";
-import {CHANNEL_RECALL_MSG, CHANNEL_SEND_MSG} from "../common/channels";
+import {CHANNEL_RECALL_MSG, CHANNEL_SEND_MSG,CHANNEL_SEND_BACK_MSG} from "../common/channels";
 import {v4 as uuid4} from "uuid";
 import {log} from "../common/utils";
 
@@ -18,21 +18,33 @@ function sendIPCMsg(channel: string, data: any) {
     }
 }
 
+export interface SendIPCMsgSession<T> {
+    id: string
+    data: T
+}
 
 export function sendIPCSendQQMsg(postData: PostDataSendMsg, handleSendResult: (data: OB11Return<any>) => void) {
-    const onceSessionId = "llonebot_send_msg_" + uuid4();
+    const onceSessionId = uuid4();
-    postData.ipc_uuid = onceSessionId;
+    const handler = (event: any, session: SendIPCMsgSession<OB11Return<any>>) => {
-    ipcMain.once(onceSessionId, (event: any, sendResult: OB11Return<any>) => {
         // log("llonebot send msg ipcMain.once:" + JSON.stringify(sendResult));
-        try {
+        if (session?.id !== onceSessionId) {
-            handleSendResult(sendResult)
+            return
-        } catch (e) {
-            log("llonebot send msg ipcMain.once error:" + JSON.stringify(e))
         }
-    })
+        try {
-    sendIPCMsg(CHANNEL_SEND_MSG, postData);
+            handleSendResult(session.data)
+            ipcMain.off(CHANNEL_SEND_BACK_MSG, handler)
+            return
+        } catch (e) {
+            log("llonebot send msg sendIPCSendQQMsg handler error:" + JSON.stringify(e))
+        }
+    }
+    ipcMain.on(CHANNEL_SEND_BACK_MSG, handler)
+    sendIPCMsg(CHANNEL_SEND_MSG, {
+        id: onceSessionId,
+        data: postData,
+    });
 }
 
 export function sendIPCRecallQQMsg(message_id: string) {
-    sendIPCMsg(CHANNEL_RECALL_MSG, {message_id: message_id});
+    sendIPCMsg(CHANNEL_RECALL_MSG, { message_id: message_id });
 }

src/preload.ts

@@ -14,11 +14,15 @@ import {
     CHANNEL_UPDATE_FRIENDS,
     CHANNEL_UPDATE_GROUPS,
     CHANNEL_DELETE_FILE,
-    CHANNEL_GET_RUNNING_STATUS, CHANNEL_FILE2BASE64, CHANNEL_GET_HISTORY_MSG
+    CHANNEL_GET_RUNNING_STATUS,
+    CHANNEL_FILE2BASE64,
+    CHANNEL_GET_HISTORY_MSG,
+    CHANNEL_SEND_BACK_MSG,
 } from "./common/channels";
 
 
 import {OB11Return, OB11SendMsgReturn} from "./onebot11/types";
+import { SendIPCMsgSession } from "./main/ipcsend";
 
 
 const {contextBridge} = require("electron");
@@ -37,11 +41,14 @@ contextBridge.exposeInMainWorld("llonebot", {
         ipcRenderer.send(CHANNEL_UPDATE_FRIENDS, friends);
     },
     sendSendMsgResult: (sessionId: string, msgResult: OB11SendMsgReturn)=>{
-        ipcRenderer.send(sessionId, msgResult);
+        ipcRenderer.send(CHANNEL_SEND_BACK_MSG, {
+            id: sessionId, 
+            data: msgResult,
+        });
     },
-    listenSendMessage: (handle: (jsonData: PostDataSendMsg) => void) => {
+    listenSendMessage: (handle: (jsonData: SendIPCMsgSession<PostDataSendMsg>) => void) => {
         ipcRenderer.send(CHANNEL_LOG, "发送消息API已注册");
-        ipcRenderer.on(CHANNEL_SEND_MSG, (event: any, args: PostDataSendMsg) => {
+        ipcRenderer.on(CHANNEL_SEND_MSG, (event: any, args: SendIPCMsgSession<PostDataSendMsg>) => {
             handle(args)
         })
     },

src/renderer.ts

@@ -6,6 +6,7 @@ import {AtType, ChatType, Group, MessageElement, Peer, PostDataSendMsg, RawMessa
 import {OB11SendMsgReturn} from "./onebot11/types";
 import {ipcRenderer} from "electron";
 import {CHANNEL_GET_HISTORY_MSG} from "./common/channels";
+import { SendIPCMsgSession } from "./main/ipcsend";
 
 let groups: Group[] = []
 let friends: User[] = []
@@ -118,7 +119,8 @@ async function getGroupMember(group_qq: string, member_uid: string) {
 }
 
 
-async function listenSendMessage(postData: PostDataSendMsg) {
+async function listenSendMessage(session: SendIPCMsgSession<PostDataSendMsg>) {
+    const postData = session.data
     console.log("收到发送消息请求", postData);
     let sendMsgResult: OB11SendMsgReturn = {
         retcode: 0,
@@ -242,7 +244,7 @@ async function listenSendMessage(postData: PostDataSendMsg) {
             }
             console.log("发送消息", postData)
             if (sendMsgResult.status !== 0) {
-                window.llonebot.sendSendMsgResult(postData.ipc_uuid, sendMsgResult)
+                window.llonebot.sendSendMsgResult(session.id, sendMsgResult)
                 return;
             }
             window.LLAPI.sendMessage(peer, postData.params.message).then(
@@ -252,18 +254,18 @@ async function listenSendMessage(postData: PostDataSendMsg) {
                         window.llonebot.deleteFile(sendFiles);
                     }
                     sendMsgResult.data.message_id = res.raw.msgId;
-                    window.llonebot.sendSendMsgResult(postData.ipc_uuid, sendMsgResult)
+                    window.llonebot.sendSendMsgResult(session.id, sendMsgResult)
                 },
                 err => {
                     sendMsgResult.status = -1;
                     sendMsgResult.retcode = -1;
                     sendMsgResult.message = `发送失败，${err}`;
-                    window.llonebot.sendSendMsgResult(postData.ipc_uuid, sendMsgResult)
+                    window.llonebot.sendSendMsgResult(session.id, sendMsgResult)
                     console.log("消息发送失败", postData, err)
                 })
         } else {
             console.log(sendMsgResult, postData);
-            window.llonebot.sendSendMsgResult(postData.ipc_uuid, sendMsgResult)
+            window.llonebot.sendSendMsgResult(session.id, sendMsgResult)
         }
     }
 }
@@ -341,8 +343,8 @@ function onLoad() {
                 window.llonebot.log("llonebot render start");
                 window.llonebot.startExpress();
 
-                window.llonebot.listenSendMessage((postData: PostDataSendMsg) => {
+                window.llonebot.listenSendMessage((session: SendIPCMsgSession<PostDataSendMsg>) => {
-                    listenSendMessage(postData).then().catch(err => console.log("listenSendMessage err", err))
+                    listenSendMessage(session).then().catch(err => console.log("listenSendMessage err", err))
                 })
                 window.llonebot.listenRecallMessage((arg: { message_id: string }) => {
                     // console.log("listenRecallMessage", arg)