aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/reception-plugins/src/main/java/org
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/reception-plugins/src/main/java/org')
-rw-r--r--plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java34
1 files changed, 26 insertions, 8 deletions
diff --git a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java
index 282578d0..1e04b932 100644
--- a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java
+++ b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java
@@ -24,7 +24,6 @@ package org.onap.policy.distribution.reception.decoding.policy.file;
import java.io.IOException;
import java.nio.file.Path;
-import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
@@ -49,6 +48,7 @@ public class PolicyDecoderFileInCsarToPolicy implements PolicyDecoder<Csar, Tosc
private PolicyDecoderFileInCsarToPolicyParameterGroup decoderParameters;
private StandardCoder coder;
+ private static final long MAX_FILE_SIZE = 512 * 1024;
/**
* {@inheritDoc}.
@@ -77,8 +77,13 @@ public class PolicyDecoderFileInCsarToPolicy implements PolicyDecoder<Csar, Tosc
try (ZipFile zipFile = new ZipFile(csar.getCsarPath())) {
final Enumeration<? extends ZipEntry> entries = zipFile.entries();
while (entries.hasMoreElements()) {
- final ZipEntry entry = entries.nextElement();
- if (isZipEntryValid(entry, csar.getCsarPath())) {
+ //
+ // Sonar will flag this as a Security Hotspot
+ // "Expanding archive files is security-sensitive"
+ // isZipEntryValid ensures the file being read exists in the archive
+ //
+ final ZipEntry entry = entries.nextElement(); // NOSONAR
+ if (isZipEntryValid(entry.getName(), csar.getCsarPath(), entry.getSize())) {
final ToscaServiceTemplate policy =
coder.decode(zipFile.getInputStream(entry), ToscaServiceTemplate.class);
policyList.add(policy);
@@ -99,18 +104,31 @@ public class PolicyDecoderFileInCsarToPolicy implements PolicyDecoder<Csar, Tosc
* @param entry the ZipEntry to check
* @param csarPath Absolute path to the csar the ZipEntry is in
* @return true if no injection detected, and it is a policy type or policy file.
+ * @throws PolicyDecodingException if the file size is too large
*/
- private boolean isZipEntryValid(ZipEntry entry, String csarPath) {
+ private boolean isZipEntryValid(String entryName, String csarPath, long entrySize) throws PolicyDecodingException {
//
// We only care about policy types and policies
//
- if (entry.getName().contains(decoderParameters.getPolicyTypeFileName())
- || entry.getName().contains(decoderParameters.getPolicyFileName())) {
+ if (entryName.contains(decoderParameters.getPolicyTypeFileName())
+ || entryName.contains(decoderParameters.getPolicyFileName())) {
+ //
+ // Check file size
+ //
+ if (entrySize > MAX_FILE_SIZE) {
+ throw new PolicyDecodingException("Zip entry for " + entryName + " is too large " + entrySize);
+ }
//
// Now ensure that there is no path injection
//
- Path path = Path.of(csarPath, entry.getName()).normalize();
- return path.startsWith(csarPath);
+ Path path = Path.of(csarPath, entryName).normalize();
+ //
+ // Throw an exception if path is outside the csar
+ //
+ if (! path.startsWith(csarPath)) {
+ throw new PolicyDecodingException("Potential path injection for zip entry " + entryName);
+ }
+ return true;
}
return false;