diff options
author | Smokowski, Steve (ss835w) <ss835w@us.att.com> | 2018-12-05 08:30:51 -0500 |
---|---|---|
committer | Smokowski, Steve (ss835w) <ss835w@us.att.com> | 2018-12-05 08:30:51 -0500 |
commit | 2bb9251043b543bb5005b7cf9af6ac4f58a0f733 (patch) | |
tree | 1d2667f823e552fa81e6287febfad0ba5c17269a /common/src/main | |
parent | 9a3841eadc588c3b3f50f2351b741edd139ca13c (diff) |
Resolve Security Exploits
normalize all file paths before using them
Change-Id: I67aaa00d7218b95dde96f3679efe92c3c0cd33f9
Issue-ID: SO-1275
Signed-off-by: Smokowski, Steve (ss835w) <ss835w@us.att.com>
Diffstat (limited to 'common/src/main')
-rw-r--r-- | common/src/main/java/org/onap/so/client/RestClientSSL.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/common/src/main/java/org/onap/so/client/RestClientSSL.java b/common/src/main/java/org/onap/so/client/RestClientSSL.java index ac4a8d1a7c..8369eba859 100644 --- a/common/src/main/java/org/onap/so/client/RestClientSSL.java +++ b/common/src/main/java/org/onap/so/client/RestClientSSL.java @@ -22,6 +22,7 @@ package org.onap.so.client; import java.io.FileInputStream; import java.net.URI; +import java.nio.file.Paths; import java.security.KeyStore; import java.security.NoSuchAlgorithmException; import java.util.Optional; @@ -72,7 +73,7 @@ public abstract class RestClientSSL extends RestClient { private KeyStore getKeyStore() { KeyStore ks = null; char[] password = System.getProperty(RestClientSSL.SSL_KEY_STORE_PASSWORD_KEY).toCharArray(); - try(FileInputStream fis = new FileInputStream(System.getProperty(RestClientSSL.SSL_KEY_STORE_KEY))) { + try(FileInputStream fis = new FileInputStream(Paths.get(System.getProperty(RestClientSSL.SSL_KEY_STORE_KEY)).normalize().toString())) { ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(fis, password); |