andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
c565805f1b
netty5/codec-http/src/main/java/io/netty/handler/codec/http/multipart/DiskFileUpload.java
Aron Wieck ffd6911586 Use constant string instead of user provided file name for DiskFileUpload temp file names. 
Motivation:

DiskFileUpload creates temporary files for storing user uploads containing the user provided file name as part of the temporary file name. While most security problems are prevented by using "new File(userFileName).getName()" a small risk for bugs or security issues remains.

Modifications:

Use a constant string as file name and rely on the callers use of File.createTemp to ensure unique disk file names.

Result:

A slight security improvement at the cost of a little more obfuscated temp file names.
2017-04-27 16:02:41 -07:00

233 lines
6.3 KiB
Java
Raw Blame History

/*
* Copyright 2012 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package io.netty.handler.codec.http.multipart;
import io.netty.buffer.ByteBuf;
import io.netty.channel.ChannelException;
import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpHeaderValues;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
/**
* Disk FileUpload implementation that stores file into real files
*/
public class DiskFileUpload extends AbstractDiskHttpData implements FileUpload {
public static String baseDirectory;
public static boolean deleteOnExitTemporaryFile = true;
public static final String prefix = "FUp_";
public static final String postfix = ".tmp";
private String filename;
private String contentType;
private String contentTransferEncoding;
public DiskFileUpload(String name, String filename, String contentType,
String contentTransferEncoding, Charset charset, long size) {
super(name, charset, size);
setFilename(filename);
setContentType(contentType);
setContentTransferEncoding(contentTransferEncoding);
}
@Override
public HttpDataType getHttpDataType() {
return HttpDataType.FileUpload;
}
@Override
public String getFilename() {
return filename;
}
@Override
public void setFilename(String filename) {
if (filename == null) {
throw new NullPointerException("filename");
}
this.filename = filename;
}
@Override
public int hashCode() {
return FileUploadUtil.hashCode(this);
}
@Override
public boolean equals(Object o) {
return o instanceof FileUpload && FileUploadUtil.equals(this, (FileUpload) o);
}
@Override
public int compareTo(InterfaceHttpData o) {
if (!(o instanceof FileUpload)) {
throw new ClassCastException("Cannot compare " + getHttpDataType() +
" with " + o.getHttpDataType());
}
return compareTo((FileUpload) o);
}
public int compareTo(FileUpload o) {
return FileUploadUtil.compareTo(this, o);
}
@Override
public void setContentType(String contentType) {
if (contentType == null) {
throw new NullPointerException("contentType");
}
this.contentType = contentType;
}
@Override
public String getContentType() {
return contentType;
}
@Override
public String getContentTransferEncoding() {
return contentTransferEncoding;
}
@Override
public void setContentTransferEncoding(String contentTransferEncoding) {
this.contentTransferEncoding = contentTransferEncoding;
}
@Override
public String toString() {
File file = null;
try {
file = getFile();
} catch (IOException e) {
// Should not occur.
}
return HttpHeaderNames.CONTENT_DISPOSITION + ": " +
HttpHeaderValues.FORM_DATA + "; " + HttpHeaderValues.NAME + "=\"" + getName() +
"\"; " + HttpHeaderValues.FILENAME + "=\"" + filename + "\"\r\n" +
HttpHeaderNames.CONTENT_TYPE + ": " + contentType +
(getCharset() != null? "; " + HttpHeaderValues.CHARSET + '=' + getCharset().name() + "\r\n" : "\r\n") +
HttpHeaderNames.CONTENT_LENGTH + ": " + length() + "\r\n" +
"Completed: " + isCompleted() +
"\r\nIsInMemory: " + isInMemory() + "\r\nRealFile: " +
(file != null ? file.getAbsolutePath() : "null") + " DefaultDeleteAfter: " +
deleteOnExitTemporaryFile;
}
@Override
protected boolean deleteOnExit() {
return deleteOnExitTemporaryFile;
}
@Override
protected String getBaseDirectory() {
return baseDirectory;
}
@Override
protected String getDiskFilename() {
return "upload";
}
@Override
protected String getPostfix() {
return postfix;
}
@Override
protected String getPrefix() {
return prefix;
}
@Override
public FileUpload copy() {
final ByteBuf content = content();
return replace(content != null ? content.copy() : null);
}
@Override
public FileUpload duplicate() {
final ByteBuf content = content();
return replace(content != null ? content.duplicate() : null);
}
@Override
public FileUpload retainedDuplicate() {
ByteBuf content = content();
if (content != null) {
content = content.retainedDuplicate();
boolean success = false;
try {
FileUpload duplicate = replace(content);
success = true;
return duplicate;
} finally {
if (!success) {
content.release();
}
}
} else {
return replace(null);
}
}
@Override
public FileUpload replace(ByteBuf content) {
DiskFileUpload upload = new DiskFileUpload(
getName(), getFilename(), getContentType(), getContentTransferEncoding(), getCharset(), size);
if (content != null) {
try {
upload.setContent(content);
} catch (IOException e) {
throw new ChannelException(e);
}
}
return upload;
}
@Override
public FileUpload retain(int increment) {
super.retain(increment);
return this;
}
@Override
public FileUpload retain() {
super.retain();
return this;
}
@Override
public FileUpload touch() {
super.touch();
return this;
}
@Override
public FileUpload touch(Object hint) {
super.touch(hint);
return this;
}
}
Reference in New Issue View Git Blame Copy Permalink