aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsharath reddy <bs.reddy@huawei.com>2022-04-26 11:32:13 +0530
committersharath reddy <bs.reddy@huawei.com>2022-04-26 11:33:27 +0530
commit27292af1f4b84aa2054d37839a907382ac6bc483 (patch)
tree065672fe2972eb2d304623374d9c1f8c53043e03
parenta411571a8035814da3ff4ff81a0c0615e3186d25 (diff)
Changed the code to not log user-controlled data.
Issue-ID: VNFSDK-834 Signed-off-by: sharath reddy <bs.reddy@huawei.com> Change-Id: If24a646ce4d8b239f1866c6fb7b446f0ce2e3f53
Diffstat
-rw-r--r--vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java12
1 files changed, 10 insertions, 2 deletions
diff --git a/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java b/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java
index 5fb41dde..c3cd60be 100644
--- a/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java
+++ b/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java
@@ -17,7 +17,9 @@ package org.onap.vnfsdk.marketplace.db.wrapper;
import java.util.ArrayList;
import java.util.List;
+import java.util.Objects;
+import org.apache.commons.lang3.StringUtils;
import org.onap.vnfsdk.marketplace.db.common.MarketplaceResourceType;
import org.onap.vnfsdk.marketplace.db.entity.PackageData;
import org.onap.vnfsdk.marketplace.db.exception.MarketplaceResourceException;
@@ -74,11 +76,18 @@ public class PackageHandler extends BaseHandler<PackageData> {
* @return PackageData list
* @throws MarketplaceResourceException e
*/
+ private String loggerPatternBreaking(String loggerInput) {
+return Objects.nonNull(loggerInput) ? loggerInput.replaceAll("[\n\r\t]", "_") : StringUtils.EMPTY;
+
+}
+
public List<PackageData> queryByID(String csarID)
throws MarketplaceResourceException {
logger.info("packageHandler:start query package info.");
List<PackageData> data = new ArrayList<>();
- logger.info("packageHandler:start query data .info:{}" , csarID);
+ if (logger.isInfoEnabled()) {
+ logger.info("packageHandler:start query data .info:{}" , loggerPatternBreaking(csarID));
+ }
IMarketplaceDao dao = new MarketplaceDaoImpl();
Object result = dao.getPackageData(csarID);
if (result != null) {
@@ -96,4 +105,3 @@ public class PackageHandler extends BaseHandler<PackageData> {
throw new UnsupportedOperationException();
}
}
-