From f3cae60106da7bef3ab69ea2423aebda491e5117 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Mon, 10 Apr 2017 14:12:12 -0700 Subject: Add missing defensive copy to APIResponse APIResponse is supposed to be immutable, but was exposing its internals in the getResponseBodyAsByteArray() method. This change adds the missing defensive copy in that method. Change-Id: I8a424a4cb72eb703fb425ffbd30ea70d6592f85a Signed-off-by: Gary Wu --- .../main/java/org/openecomp/mso/rest/APIResponse.java | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/bpmn/MSORESTClient/src/main/java/org/openecomp/mso/rest/APIResponse.java b/bpmn/MSORESTClient/src/main/java/org/openecomp/mso/rest/APIResponse.java index dfb9f36..ea9ca62 100644 --- a/bpmn/MSORESTClient/src/main/java/org/openecomp/mso/rest/APIResponse.java +++ b/bpmn/MSORESTClient/src/main/java/org/openecomp/mso/rest/APIResponse.java @@ -21,6 +21,7 @@ package org.openecomp.mso.rest; import java.io.IOException; +import java.util.Arrays; import org.apache.http.Header; import org.apache.http.HttpResponse; @@ -44,7 +45,7 @@ public class APIResponse { * @param httpResponse used to create headers * @return http headers */ - private HttpHeader[] buildHeaders(final HttpResponse httpResponse) { + private static HttpHeader[] buildHeaders(final HttpResponse httpResponse) { final Header[] headers = httpResponse.getAllHeaders(); HttpHeader[] httpHeaders = new HttpHeader[headers.length]; @@ -102,7 +103,12 @@ public class APIResponse { * @return http response body */ public byte[] getResponseBodyAsByteArray() { - return this.responseBody; + // avoid exposing internals, create copy + if (this.responseBody != null) { + return Arrays.copyOf(this.responseBody, this.responseBody.length); + } else { + return null; + } } /** @@ -125,11 +131,7 @@ public class APIResponse { */ public HttpHeader[] getAllHeaders() { // avoid exposing internals, create copy - HttpHeader[] copy = new HttpHeader[this.headers.length]; - for (int i = 0; i < this.headers.length; ++i) { - copy[i] = headers[i]; - } - return copy; + return Arrays.copyOf(this.headers, this.headers.length); } public String getFirstHeader(String name) { -- cgit 1.2.3-korg