aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKanagaraj Manickam k00365106 <kanagaraj.manickam@huawei.com>2019-03-01 10:32:17 +0530
committerKanagaraj Manickam k00365106 <kanagaraj.manickam@huawei.com>2019-03-01 10:53:31 +0530
commit8d59ae0158a8b3f0d038194f42b95424e8c8b38a (patch)
tree2b96c2638722680dd6b04d511008c5b20f538945
parentadfc77d913cb8e54750d8fe167fde2bb4ffc57ef (diff)
Fix the code vulnerabilities
Issue-ID: CLI-129 Change-Id: I441d7897c2e47b8eda13775d66327401656300ba Signed-off-by: Kanagaraj Manickam k00365106 <kanagaraj.manickam@huawei.com>
-rw-r--r--framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java10
-rw-r--r--framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java12
-rw-r--r--framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java19
-rw-r--r--framework/src/test/java/org/onap/cli/fw/utils/OnapCommandUtilsTest.java27
-rw-r--r--grpc/grpc-server/src/main/java/org/open/infc/grpc/server/OpenInterfaceGrpcServer.java5
-rw-r--r--profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java24
6 files changed, 44 insertions, 53 deletions
diff --git a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java
index f01f9a21..2e63b03e 100644
--- a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java
+++ b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java
@@ -50,11 +50,7 @@ public class OnapCommandArtifactStore {
private static boolean storeReady = false;
- private static SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS", Locale.US);
-
- static {
- dateFormatter.setTimeZone(TimeZone.getTimeZone("UTC"));
- }
+ private SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS", Locale.US);
private static String SEPARATOR = "__";
@@ -138,7 +134,7 @@ public class OnapCommandArtifactStore {
private static OnapCommandArtifactStore store = null;
private OnapCommandArtifactStore() {
-
+ this.dateFormatter.setTimeZone(TimeZone.getTimeZone("UTC"));
}
public static OnapCommandArtifactStore getStore() {
@@ -222,7 +218,7 @@ public class OnapCommandArtifactStore {
searchPattern += SEPARATOR;
- if (category != null && !namePattern.isEmpty()) {
+ if (category != null && !category.isEmpty()) {
searchPattern += category;
} else {
searchPattern += "*";
diff --git a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java
index 71cd245f..4fc2508a 100644
--- a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java
+++ b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java
@@ -43,11 +43,7 @@ public class OnapCommandExecutionStore {
private static boolean storeReady = false;
- private static SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS", Locale.US);
-
- static {
- dateFormatter.setTimeZone(TimeZone.getTimeZone("UTC"));
- }
+ private SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS", Locale.US);
private static String SEPARATOR = "__";
@@ -170,7 +166,7 @@ public class OnapCommandExecutionStore {
private static OnapCommandExecutionStore store = null;
private OnapCommandExecutionStore() {
-
+ this.dateFormatter.setTimeZone(TimeZone.getTimeZone("UTC"));
}
public static OnapCommandExecutionStore getStore() {
@@ -306,9 +302,7 @@ public class OnapCommandExecutionStore {
for (String dir: dirs) {
list.add(this.makeExecution(dir));
}
- } catch (IOException e) {
- throw new OnapCommandExecutionFailed(e, "Failed to search the executions");
- } catch (InterruptedException e) {
+ } catch (Exception e) {
throw new OnapCommandExecutionFailed(e, "Failed to search the executions");
}
diff --git a/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java b/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java
index b373a913..9b896230 100644
--- a/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java
+++ b/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java
@@ -144,23 +144,4 @@ public class ProcessRunner {
public String getError() {
return this.error;
}
-
- public static void main(String[] args) {
- try {
- ProcessRunner pr = new ProcessRunner("dir", null);
- pr.run();
- System.out.println(pr.getOutput());
- System.out.println(pr.getError());
- System.out.println(pr.getExitCode());
-
- pr = new ProcessRunner(new String [] {"dir", "c:"}, null);
- pr.run();
- System.out.println(pr.getOutput());
- System.out.println(pr.getError());
- System.out.println(pr.getExitCode());
-
- } catch (InterruptedException | IOException e) {
- e.printStackTrace();
- }
- }
} \ No newline at end of file
diff --git a/framework/src/test/java/org/onap/cli/fw/utils/OnapCommandUtilsTest.java b/framework/src/test/java/org/onap/cli/fw/utils/OnapCommandUtilsTest.java
index 69b718d4..df94d594 100644
--- a/framework/src/test/java/org/onap/cli/fw/utils/OnapCommandUtilsTest.java
+++ b/framework/src/test/java/org/onap/cli/fw/utils/OnapCommandUtilsTest.java
@@ -145,13 +145,6 @@ public class OnapCommandUtilsTest {
}
@Test
- public void replaceLineForSpecialValues_envVariable() {
- String replacedLine = OnapCommandUtils.replaceLineForSpecialValues("$s{env:USER}");
-
- assertEquals(System.getenv("USER"), replacedLine);
- }
-
- @Test
public void replaceLineForSpecialValues_multipleVariables() {
String replacedLine = OnapCommandUtils.replaceLineForSpecialValues("$s{A} $s{B}");
@@ -485,6 +478,26 @@ public class OnapCommandUtilsTest {
}
}
+ @Test
+ public void testProcessRunner() {
+ try {
+ ProcessRunner pr = new ProcessRunner("dir", null);
+ pr.run();
+ System.out.println(pr.getOutput());
+ System.out.println(pr.getError());
+ System.out.println(pr.getExitCode());
+
+ pr = new ProcessRunner(new String [] {"dir", "c:"}, null);
+ pr.run();
+ System.out.println(pr.getOutput());
+ System.out.println(pr.getError());
+ System.out.println(pr.getExitCode());
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
private void mockPrintMethodException() {
new MockUp<OnapCommandResult>() {
boolean isMock = true;
diff --git a/grpc/grpc-server/src/main/java/org/open/infc/grpc/server/OpenInterfaceGrpcServer.java b/grpc/grpc-server/src/main/java/org/open/infc/grpc/server/OpenInterfaceGrpcServer.java
index 45a64084..afbd7682 100644
--- a/grpc/grpc-server/src/main/java/org/open/infc/grpc/server/OpenInterfaceGrpcServer.java
+++ b/grpc/grpc-server/src/main/java/org/open/infc/grpc/server/OpenInterfaceGrpcServer.java
@@ -208,7 +208,10 @@ public class OpenInterfaceGrpcServer {
Builder reply = Output.newBuilder();
reply.setSuccess(true);
reply.putAttrs(OnapCommandConstants.ERROR, "{}");
- reply.putAddons("execution-id", executionStoreContext.getExecutionId());
+
+ if (executionStoreContext != null)
+ reply.putAddons("execution-id", executionStoreContext.getExecutionId());
+
try {
reply.putAttrs(OnapCommandConstants.RESULTS, new ObjectMapper().readTree(printOut).toString());
} catch (IOException e) {
diff --git a/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java b/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java
index 69987d9b..8e94db85 100644
--- a/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java
+++ b/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java
@@ -138,7 +138,7 @@ public class OpenCommandShellCmd extends OnapCommand {
cwd);
try {
pr.run();
- } catch (InterruptedException | IOException e) {
+ } catch (Exception e) {
throw new OnapCommandExecutionFailed(this.getName(), e);
}
@@ -251,21 +251,25 @@ public class OpenCommandShellCmd extends OnapCommand {
bodyProcessedLine += processedPattern.substring(currentIdx);
break;
}
- int idxE = idxS + 2; // %s
+
+ int idxEnd = idxS + 2; // %s
+
try {
- Object value = values.get(positionalIdx);
- String valueS = String.valueOf(value);
- if (value instanceof JSONArray) {
- JSONArray arr = (JSONArray) value;
- if (!arr.isEmpty()) {
- valueS = arr.get(i).toString();
+ Object val = values.get(positionalIdx);
+ String valStr = String.valueOf(val);
+
+ if (val instanceof JSONArray) {
+ JSONArray aJson = (JSONArray) val;
+
+ if (!aJson.isEmpty()) {
+ valStr = aJson.get(i).toString();
} else {
throw new OnapCommandResultEmpty();
}
}
- bodyProcessedLine += processedPattern.substring(currentIdx, idxS) + valueS;
- currentIdx = idxE;
+ bodyProcessedLine += processedPattern.substring(currentIdx, idxS) + valStr;
+ currentIdx = idxEnd;
positionalIdx++;
} catch (OnapCommandResultEmpty e) {
throw e;