aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan Timoney <dtimoney@att.com>2020-10-19 10:05:16 -0400
committerDan Timoney <dtimoney@att.com>2020-10-19 15:18:38 +0000
commitde25ce109a23df22eee05b076f551fd73ddf2fcd (patch)
treec8b7d196ee7a0bb869bc1d37d4aaed0195178be6
parentf46d08d4a0c344bf15711a27fef4f5f35d4a2cb5 (diff)
Add file path validation
Add file path validation for EnvVarFileResolver. Refactored PathValidator to org.onap.ccsdk.sli.core.utils so it can be used here. Change-Id: Ibb50df0ad020cf376c1ce20e7b598f7ad7223d48 Issue-ID: CCSDK-2918 Signed-off-by: Dan Timoney <dtimoney@att.com>
-rwxr-xr-x.gitignore1
-rw-r--r--sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/CheckSumHelper.java2
-rw-r--r--sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicParser.java1
-rw-r--r--sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicStoreFactory.java1
-rw-r--r--sli/provider-base/src/main/java/org/onap/ccsdk/sli/core/sli/recording/FileRecorder.java2
-rwxr-xr-xutils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/EnvVarFileResolver.java2
-rw-r--r--utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/PathValidator.java (renamed from sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/PathValidator.java)3
7 files changed, 8 insertions, 4 deletions
diff --git a/.gitignore b/.gitignore
index 610f8902..5a221b0f 100755
--- a/.gitignore
+++ b/.gitignore
@@ -10,6 +10,7 @@ org.eclipse.core.resources.prefs
.checkstyle
maven-eclipse.xml
workspace
+.vscode
## Compilation Files ##
*.class
diff --git a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/CheckSumHelper.java b/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/CheckSumHelper.java
index 2f1f466c..9283cf65 100644
--- a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/CheckSumHelper.java
+++ b/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/CheckSumHelper.java
@@ -28,6 +28,8 @@ import java.nio.file.Paths;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import org.onap.ccsdk.sli.core.utils.PathValidator;
+
import javax.xml.bind.DatatypeConverter;
public class CheckSumHelper {
diff --git a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicParser.java b/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicParser.java
index cb78ac2e..adec7b27 100644
--- a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicParser.java
+++ b/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicParser.java
@@ -35,6 +35,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.*;
import org.xml.sax.helpers.DefaultHandler;
+import org.onap.ccsdk.sli.core.utils.PathValidator;
/**
* @author dt5972
diff --git a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicStoreFactory.java b/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicStoreFactory.java
index f682bb52..e0eb5730 100644
--- a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicStoreFactory.java
+++ b/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/SvcLogicStoreFactory.java
@@ -26,6 +26,7 @@ import java.io.FileInputStream;
import java.io.InputStream;
import java.util.Properties;
import org.onap.ccsdk.sli.core.dblib.DBResourceManager;
+import org.onap.ccsdk.sli.core.utils.PathValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
diff --git a/sli/provider-base/src/main/java/org/onap/ccsdk/sli/core/sli/recording/FileRecorder.java b/sli/provider-base/src/main/java/org/onap/ccsdk/sli/core/sli/recording/FileRecorder.java
index ab6f8bcc..7d690e74 100644
--- a/sli/provider-base/src/main/java/org/onap/ccsdk/sli/core/sli/recording/FileRecorder.java
+++ b/sli/provider-base/src/main/java/org/onap/ccsdk/sli/core/sli/recording/FileRecorder.java
@@ -33,7 +33,7 @@ import java.util.Map;
import java.util.TimeZone;
import org.onap.ccsdk.sli.core.sli.ConfigurationException;
-import org.onap.ccsdk.sli.core.sli.PathValidator;
+import org.onap.ccsdk.sli.core.utils.PathValidator;
import org.onap.ccsdk.sli.core.sli.SvcLogicException;
import org.onap.ccsdk.sli.core.sli.SvcLogicRecorder;
diff --git a/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/EnvVarFileResolver.java b/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/EnvVarFileResolver.java
index 669b3992..29d35d6e 100755
--- a/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/EnvVarFileResolver.java
+++ b/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/EnvVarFileResolver.java
@@ -62,7 +62,7 @@ public abstract class EnvVarFileResolver implements PropertiesFileResolver {
final File fileFromEnvVariable;
if (!Strings.isNullOrEmpty(propDirectoryFromEnvVariable)) {
fileFromEnvVariable = Paths.get(propDirectoryFromEnvVariable).resolve(filename).toFile();
- if(fileFromEnvVariable.exists()) {
+ if(PathValidator.isValidFilePath(fileFromEnvVariable.getAbsolutePath()) && fileFromEnvVariable.exists()) {
return Optional.of(fileFromEnvVariable);
}
}
diff --git a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/PathValidator.java b/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/PathValidator.java
index 511dbca7..97352501 100644
--- a/sli/common/src/main/java/org/onap/ccsdk/sli/core/sli/PathValidator.java
+++ b/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/PathValidator.java
@@ -1,5 +1,4 @@
-package org.onap.ccsdk.sli.core.sli;
-
+package org.onap.ccsdk.sli.core.utils;
import java.util.regex.Pattern;
public class PathValidator {