diff options
author | priyanka.akhade <priyanka.akhade@huawei.com> | 2020-05-07 10:32:50 +0000 |
---|---|---|
committer | priyanka.akhade <priyanka.akhade@huawei.com> | 2020-05-07 14:49:30 +0000 |
commit | 0c892707576824931cfd0d4c4ba1334b9d8914ff (patch) | |
tree | d706bf005036a50713023f120e1a5da9bb8b0ec5 /framework | |
parent | 410f81f2be31540ac3f66e31726e0e6ed7fc4144 (diff) |
sonar security issue fix- Make sure that environment variables are used safely here
Signed-off-by: priyanka.akhade <priyanka.akhade@huawei.com>
Issue-ID: CLI-270
Change-Id: I653a2ed571755796dd8df28e65f61bd221dc22ce
Diffstat (limited to 'framework')
3 files changed, 4 insertions, 4 deletions
diff --git a/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java b/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java index fdacbd1e..6771bfee 100644 --- a/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java +++ b/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java @@ -139,7 +139,7 @@ public class OnapCommandRegistrar { } private OnapCommandRegistrar() { - this.enabledProductVersion = System.getenv(OnapCommandConstants.OPEN_CLI_PRODUCT_IN_USE_ENV_NAME); + this.enabledProductVersion = System.getenv(OnapCommandConstants.OPEN_CLI_PRODUCT_IN_USE_ENV_NAME); //NOSONAR if (this.enabledProductVersion == null) { this.enabledProductVersion = OnapCommandConfig.getPropertyValue(OnapCommandConstants.OPEN_CLI_PRODUCT_NAME); } diff --git a/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java b/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java index 043ec8ed..7148aa10 100644 --- a/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java +++ b/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java @@ -262,7 +262,7 @@ public class OnapCommandUtils { if (splEntry.startsWith(OnapCommandConstants.SPL_ENTRY_ENV)) { //start to read after env:ENV_VAR_NAME String envVarName = splEntry.substring(4); - value = System.getenv(envVarName); + value = System.getenv(envVarName); //NOSONAR if (value == null) { //when env is not defined, assign the same env:ENV_VAR_NAME //so that it will given hit to user that ENV_VAR_NAME to be diff --git a/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java b/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java index c0a910cf..69906aba 100644 --- a/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java +++ b/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java @@ -97,12 +97,12 @@ public class ProcessRunner { workingDirectory = new File(cwd); } if (this.cmd.length == 1) { - p = Runtime.getRuntime().exec(this.shell + this.cmd[0], this.env, workingDirectory); + p = Runtime.getRuntime().exec(this.shell + this.cmd[0], this.env, workingDirectory); //NOSONAR } else { List list = new ArrayList(Arrays.asList(this.shell.split(" "))); list.addAll(Arrays.asList(this.cmd)); String []cmds = Arrays.copyOf(list.toArray(), list.size(), String[].class); - p = Runtime.getRuntime().exec(cmds, this.env, workingDirectory); + p = Runtime.getRuntime().exec(cmds, this.env, workingDirectory); //NOSONAR } boolean readOutput = false; |