diff options
| author |   Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com> | 2020-04-21 09:34:52 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2020-04-21 09:34:52 +0000 |
| commit | 9203c9c40e963b4a5e451b38d32687a185f3b8c6 (patch) | |
| tree | 1732d7a359d11797007871327cd2b6a7a24fda86 | |
| parent | 7cb301c201ade257b39e1373ae6a61da704f9fb0 (diff) | |
| parent | 7fc63309a08cfee169c4643b108aa2a8f41d692b (diff) | |
Merge "Fix security vulnerable"
| -rw-r--r-- | pnfsimulator/src/main/java/org/onap/pnfsimulator/rest/SimulatorController.java | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/pnfsimulator/src/main/java/org/onap/pnfsimulator/rest/SimulatorController.java b/pnfsimulator/src/main/java/org/onap/pnfsimulator/rest/SimulatorController.java index 75a7b74..3647ecc 100644 --- a/pnfsimulator/src/main/java/org/onap/pnfsimulator/rest/SimulatorController.java +++ b/pnfsimulator/src/main/java/org/onap/pnfsimulator/rest/SimulatorController.java @@ -82,6 +82,7 @@ public class SimulatorController { private static final Marker ENTRY = MarkerFactory.getMarker("ENTRY"); private static final String INCORRECT_TEMPLATE_MESSAGE = "Cannot start simulator, template %s is not in valid format: %s"; private static final String NOT_EXISTING_TEMPLATE = "Cannot start simulator - template %s not found."; + private static final String BREAKING_CHARACTER_REGEX = "[\n|\r|\t]"; private final DateFormat responseDateFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss,SSS"); private final SimulatorService simulatorService; private EventDataService eventDataService; @@ -163,7 +164,7 @@ public class SimulatorController { @PostMapping("cancel/{jobName}") public ResponseEntity cancelEvent(@PathVariable String jobName) throws SchedulerException { - LOGGER.info(ENTRY, "Cancel called on {}.", jobName); + LOGGER.info(ENTRY, "Cancel called on {}.", replaceBreakingCharacters(jobName)); boolean isCancelled = simulatorService.cancelEvent(jobName); return createCancelEventResponse(isCancelled); } @@ -184,6 +185,10 @@ public class SimulatorController { return buildResponse(ACCEPTED, ImmutableMap.of(MESSAGE, "One-time direct event sent successfully")); } + private String replaceBreakingCharacters(String jobName) { + return jobName.replaceAll(BREAKING_CHARACTER_REGEX, "_"); + } + private ResponseEntity processRequest(SimulatorRequest triggerEventRequest) throws IOException, SchedulerException, GeneralSecurityException { |