From bb13443cb43f4525cd560c02ee05de5cf437c421 Mon Sep 17 00:00:00 2001
From: qyt <486179@qq.com>
Date: Fri, 8 May 2026 10:17:19 +0000
Subject: [PATCH] Potential fix for code scanning alert no. 1
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .../Session_Stroage/Session_UPStroage.cpp | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/XEngine_Source/StorageModule_Session/Session_Stroage/Session_UPStroage.cpp b/XEngine_Source/StorageModule_Session/Session_Stroage/Session_UPStroage.cpp
index 595601a..14ec318 100644
--- a/XEngine_Source/StorageModule_Session/Session_Stroage/Session_UPStroage.cpp
+++ b/XEngine_Source/StorageModule_Session/Session_Stroage/Session_UPStroage.cpp
@@ -151,13 +151,9 @@ bool CSession_UPStroage::Session_UPStroage_Insert(LPCXSTR lpszClientAddr, LPCXST
 _tcsxcpy(st_Client.st_StorageInfo.tszFileDir, lpszFileDir);
 _tcsxcpy(st_Client.st_StorageInfo.tszClientAddr, lpszClientAddr);
 //文件是否存在
- if ((m_bResume) && ((0 != nPosStart) || (0 != nPostEnd)) && (0 == _xtaccess(lpszFileDir, 0)))
+ if ((m_bResume) && ((0 != nPosStart) || (0 != nPostEnd)))
 {
- struct _xtstat st_FStat;
- memset(&st_FStat, '\0', sizeof(struct _xtstat));
- _xtstat(st_Client.st_StorageInfo.tszFileDir, &st_FStat);
- st_Client.st_StorageInfo.ullRWLen = st_FStat.st_size;
- //追加打开
+ //直接打开,避免先检查再使用导致TOCTOU
 st_Client.st_StorageInfo.pSt_File = _xtfopen(lpszFileDir, _X("rb+"));
 if (NULL == st_Client.st_StorageInfo.pSt_File)
 {
@@ -165,6 +161,11 @@ bool CSession_UPStroage::Session_UPStroage_Insert(LPCXSTR lpszClientAddr, LPCXST
 Session_dwErrorCode = ERROR_STORAGE_MODULE_SESSION_OPENFILE;
 return false;
 }
+
+ //基于已打开的文件句柄获取文件长度
+ fseek(st_Client.st_StorageInfo.pSt_File, 0, SEEK_END);
+ st_Client.st_StorageInfo.ullRWLen = ftell(st_Client.st_StorageInfo.pSt_File);
+
 //是不是覆写?
 if (st_Client.st_StorageInfo.ullRWLen > nPosStart)
 {
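Review bot: Dropping `(0 == _xtaccess(lpszFileDir, 0))` from the condition changes what happens when a resume request names a file that does not exist: it used to skip this branch, and now it enters it, fails the `rb+` open and returns false with `ERROR_STORAGE_MODULE_SESSION_OPENFILE`. The code that handled that case before is outside the hunk, so whether the rejection is intended cannot be confirmed from here. If such uploads should still be accepted, test `errno == ENOENT` after the failed `_xtfopen` and continue on the non-resume path instead of returning. Otherwise say so in the comment, for example `// open directly (no prior access check); a missing file is now an open error`.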
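Review bot: The added length lookup uses the results of `fseek` and `ftell` unchecked. `ftell` returns -1 on failure, and stored in `ullRWLen` (unsigned, judging by the name) that becomes a very large length that passes `ullRWLen > nPosStart`. `ftell` also returns `long`, which is 32 bits on Windows builds, so a file over 2 GiB presumably no longer yields the size the removed `_xtstat` call reported. Check both calls and close the handle on failure, mirroring the existing open-failure path (part of which is outside the hunk), and consider a 64-bit tell such as `_ftelli64` or `ftello`. The stream is also left at end of file, and the code that positions it for writing is not visible here.
```cpp
// … unchanged: _xtfopen(lpszFileDir, _X("rb+")) and its NULL check …

// Take the length from the handle that is already open; treat any failure as an open error.
long nFileLen = -1;
if (0 == fseek(st_Client.st_StorageInfo.pSt_File, 0, SEEK_END))
{
    nFileLen = ftell(st_Client.st_StorageInfo.pSt_File);
}
if (nFileLen < 0)
{
    fclose(st_Client.st_StorageInfo.pSt_File);
    st_Client.st_StorageInfo.pSt_File = NULL;
    Session_dwErrorCode = ERROR_STORAGE_MODULE_SESSION_OPENFILE;
    return false;
}
st_Client.st_StorageInfo.ullRWLen = nFileLen;
```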