aboutsummaryrefslogtreecommitdiffstats
path: root/common/src/main
diff options
context:
space:
mode:
authorSmokowski, Steve (ss835w) <ss835w@us.att.com>2018-12-05 08:30:51 -0500
committerSmokowski, Steve (ss835w) <ss835w@us.att.com>2018-12-05 08:30:51 -0500
commit2bb9251043b543bb5005b7cf9af6ac4f58a0f733 (patch)
tree1d2667f823e552fa81e6287febfad0ba5c17269a /common/src/main
parent9a3841eadc588c3b3f50f2351b741edd139ca13c (diff)
Resolve Security Exploits
normalize all file paths before using them Change-Id: I67aaa00d7218b95dde96f3679efe92c3c0cd33f9 Issue-ID: SO-1275 Signed-off-by: Smokowski, Steve (ss835w) <ss835w@us.att.com>
Diffstat (limited to 'common/src/main')
-rw-r--r--common/src/main/java/org/onap/so/client/RestClientSSL.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/common/src/main/java/org/onap/so/client/RestClientSSL.java b/common/src/main/java/org/onap/so/client/RestClientSSL.java
index ac4a8d1a7c..8369eba859 100644
--- a/common/src/main/java/org/onap/so/client/RestClientSSL.java
+++ b/common/src/main/java/org/onap/so/client/RestClientSSL.java
@@ -22,6 +22,7 @@ package org.onap.so.client;
import java.io.FileInputStream;
import java.net.URI;
+import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.util.Optional;
@@ -72,7 +73,7 @@ public abstract class RestClientSSL extends RestClient {
private KeyStore getKeyStore() {
KeyStore ks = null;
char[] password = System.getProperty(RestClientSSL.SSL_KEY_STORE_PASSWORD_KEY).toCharArray();
- try(FileInputStream fis = new FileInputStream(System.getProperty(RestClientSSL.SSL_KEY_STORE_KEY))) {
+ try(FileInputStream fis = new FileInputStream(Paths.get(System.getProperty(RestClientSSL.SSL_KEY_STORE_KEY)).normalize().toString())) {
ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(fis, password);