aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRam Koya <rk541m@att.com>2018-09-24 14:21:41 +0000
committerGerrit Code Review <gerrit@onap.org>2018-09-24 14:21:41 +0000
commitca28db1f5b2b2b68b2c400fc157adabdcbd084bc (patch)
treeebd42a5218778e3641760df98dc6b054c1fe8711
parentbc6df0d31264c1cebb895dbb09c6bdefd435c044 (diff)
parent32a143ffae69b2675e98c1d41be18defe31645b4 (diff)
Merge "Fix NodeServlet Vulnerabilities"
-rw-r--r--datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java23
1 files changed, 8 insertions, 15 deletions
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
index b54068b5..51e59925 100644
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
@@ -137,15 +137,16 @@ public class NodeServlet extends HttpServlet {
/**
* Handle all PUT requests
*/
- protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+ protected void doPut(HttpServletRequest req, HttpServletResponse resp) {
NodeUtils.setIpAndFqdnForEelf("doPut");
eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader("X-ATT-DR-ON-BEHALF-OF"),
getIdFromPath(req) + "");
try {
common(req, resp, true);
- }
- catch(IOException ioe){
+ } catch(IOException ioe){
logger.error("IOException" + ioe.getMessage());
+ } catch(ServletException se){
+ logger.error("ServletException" + se.getMessage());
}
}
@@ -158,9 +159,10 @@ public class NodeServlet extends HttpServlet {
getIdFromPath(req) + "");
try {
common(req, resp, false);
- }
- catch(IOException ioe){
+ } catch(IOException ioe){
logger.error("IOException" + ioe.getMessage());
+ } catch(ServletException se){
+ logger.error("ServletException" + se.getMessage());
}
}
@@ -277,9 +279,8 @@ public class NodeServlet extends HttpServlet {
File data = new File(fbase);
File meta = new File(fbase + ".M");
OutputStream dos = null;
- Writer mw = null;
InputStream is = null;
- try {
+ try (Writer mw = new FileWriter(meta)){
StringBuffer mx = new StringBuffer();
mx.append(req.getMethod()).append('\t').append(fileid).append('\n');
Enumeration hnames = req.getHeaderNames();
@@ -353,12 +354,10 @@ public class NodeServlet extends HttpServlet {
}
String dbase = di.getSpool() + "/" + pubid;
Files.createLink(Paths.get(dbase), dpath);
- mw = new FileWriter(meta);
mw.write(metadata);
if (di.getSubId() == null) {
mw.write("X-ATT-DR-ROUTING\t" + t.getRouting() + "\n");
}
- mw.close();
meta.renameTo(new File(dbase + ".M"));
}
resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
@@ -383,12 +382,6 @@ public class NodeServlet extends HttpServlet {
} catch (Exception e) {
}
}
- if (mw != null) {
- try {
- mw.close();
- } catch (Exception e) {
- }
- }
try {
data.delete();
} catch (Exception e) {