summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoresobmar <mariusz.sobucki@ericsson.com>2018-09-25 13:40:47 +0100
committeresobmar <mariusz.sobucki@ericsson.com>2018-09-26 12:20:13 +0100
commita84001c07c0ca3d8c08a3f5b3f500c03be4d6f8b (patch)
tree08e2c1e7085c44ef24d9d4786f8065da6130e79c
parentcf56334cb448abce5df93f4799ad6b1f2f2f3134 (diff)
Fix Parameters Vulnerabilities
Change-Id: I0774c1a592f9daf5c09f4d0935a9ee862a834e51 Signed-off-by: Mariusz Sobucki <mariusz.sobucki@ericsson.com> Issue-ID: DMAAP-775
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java42
1 files changed, 22 insertions, 20 deletions
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
index b2378218..4d2c9d1f 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
@@ -35,13 +35,14 @@ import org.json.JSONObject;
import org.onap.dmaap.datarouter.provisioning.utils.DB;
/**
- * Methods to provide access to Provisioning parameters in the DB.
- * This class also provides constants of the standard parameters used by the Data Router.
+ * Methods to provide access to Provisioning parameters in the DB. This class also provides constants of the standard
+ * parameters used by the Data Router.
*
* @author Robert Eby
* @version $Id: Parameters.java,v 1.11 2014/03/12 19:45:41 eby Exp $
*/
public class Parameters extends Syncable {
+
public static final String PROV_REQUIRE_SECURE = "PROV_REQUIRE_SECURE";
public static final String PROV_REQUIRE_CERT = "PROV_REQUIRE_CERT";
public static final String PROV_AUTH_ADDRESSES = "PROV_AUTH_ADDRESSES";
@@ -90,9 +91,9 @@ public class Parameters extends Syncable {
DB db = new DB();
@SuppressWarnings("resource")
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
+ try (Statement stmt = conn.createStatement()) {
String sql = "select * from PARAMETERS";
- try(ResultSet rs = stmt.executeQuery(sql)) {
+ try (ResultSet rs = stmt.executeQuery(sql)) {
while (rs.next()) {
Parameters p = new Parameters(rs);
coll.add(p);
@@ -101,7 +102,7 @@ public class Parameters extends Syncable {
}
db.release(conn);
} catch (SQLException e) {
- e.printStackTrace();
+ intlogger.error("SQLException " + e.getMessage());
}
return coll;
}
@@ -118,9 +119,10 @@ public class Parameters extends Syncable {
DB db = new DB();
@SuppressWarnings("resource")
Connection conn = db.getConnection();
- try(PreparedStatement stmt = conn.prepareStatement("select KEYNAME, VALUE from PARAMETERS where KEYNAME = ?")) {
+ try (PreparedStatement stmt = conn
+ .prepareStatement("select KEYNAME, VALUE from PARAMETERS where KEYNAME = ?")) {
stmt.setString(1, k);
- try(ResultSet rs = stmt.executeQuery()) {
+ try (ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
v = new Parameters(rs);
}
@@ -128,7 +130,7 @@ public class Parameters extends Syncable {
}
db.release(conn);
} catch (SQLException e) {
- e.printStackTrace();
+ intlogger.error("SQLException " + e.getMessage());
}
return v;
}
@@ -185,14 +187,13 @@ public class Parameters extends Syncable {
} catch (SQLException e) {
rv = false;
intlogger.warn("PROV0005 doInsert: " + e.getMessage());
- e.printStackTrace();
} finally {
try {
- if(ps!=null) {
+ if (ps != null) {
ps.close();
}
} catch (SQLException e) {
- e.printStackTrace();
+ intlogger.error("SQLException " + e.getMessage());
}
}
return rv;
@@ -212,14 +213,13 @@ public class Parameters extends Syncable {
} catch (SQLException e) {
rv = false;
intlogger.warn("PROV0006 doUpdate: " + e.getMessage());
- e.printStackTrace();
} finally {
try {
- if(ps!=null) {
+ if (ps != null) {
ps.close();
}
} catch (SQLException e) {
- e.printStackTrace();
+ intlogger.error("SQLException " + e.getMessage());
}
}
return rv;
@@ -238,14 +238,13 @@ public class Parameters extends Syncable {
} catch (SQLException e) {
rv = false;
intlogger.warn("PROV0007 doDelete: " + e.getMessage());
- e.printStackTrace();
} finally {
try {
- if(ps!=null) {
+ if (ps != null) {
ps.close();
}
} catch (SQLException e) {
- e.printStackTrace();
+ intlogger.error("SQLException " + e.getMessage());
}
}
return rv;
@@ -258,13 +257,16 @@ public class Parameters extends Syncable {
@Override
public boolean equals(Object obj) {
- if (!(obj instanceof Parameters))
+ if (!(obj instanceof Parameters)) {
return false;
+ }
Parameters of = (Parameters) obj;
- if (!keyname.equals(of.keyname))
+ if (!keyname.equals(of.keyname)) {
return false;
- if (!value.equals(of.value))
+ }
+ if (!value.equals(of.value)) {
return false;
+ }
return true;
}