Code Review / oam / nf-oam-adopter.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix security hotspots complains
[oam/nf-oam-adopter.git] / ves-nf-oam-adopter / ves-nf-oam-adopter-pm-manager / src / main / java / org / o / ran / oam / nf / oam / adopter / pm / rest / manager / mapper / PerformanceManagementFile2VesMapper.java
diff --git a/ves-nf-oam-adopter/ves-nf-oam-adopter-pm-manager/src/main/java/org/o/ran/oam/nf/oam/adopter/pm/rest/manager/mapper/PerformanceManagementFile2VesMapper.java b/ves-nf-oam-adopter/ves-nf-oam-adopter-pm-manager/src/main/java/org/o/ran/oam/nf/oam/adopter/pm/rest/manager/mapper/PerformanceManagementFile2VesMapper.java
index 97197cf..0d40c7b 100644 (file)
--- a/ves-nf-oam-adopter/ves-nf-oam-adopter-pm-manager/src/main/java/org/o/ran/oam/nf/oam/adopter/pm/rest/manager/mapper/PerformanceManagementFile2VesMapper.java
+++ b/ves-nf-oam-adopter/ves-nf-oam-adopter-pm-manager/src/main/java/org/o/ran/oam/nf/oam/adopter/pm/rest/manager/mapper/PerformanceManagementFile2VesMapper.java
@@ -48,6 +48,8 @@ public class PerformanceManagementFile2VesMapper {
     private static final String CSV_EXTENSION = ".csv";
     private final PerformanceManagementMapperConfigProvider pmConfigProvider;
     private static final int THRESHOLD_SIZE  = 1000000000; // 1 GB
+    private static final int THRESHOLD_RATIO = 10;
+    private static final int THRESHOLD_ENTRIES = 10000;
 
     @Autowired
     public PerformanceManagementFile2VesMapper(final PerformanceManagementMapperConfigProvider pmConfigProvider) {
@@ -71,10 +73,26 @@ public class PerformanceManagementFile2VesMapper {
         try {
             ZipEntry entry;
             final var mappingConfiguration = pmConfigProvider.getVesMappingConfiguration();
+            var totalSizeEntry = 0;
+            var totalEntryArchive = 0;
             while ((entry = zipInputStream.getNextEntry()) != null) {
-                if (entry.getSize() > THRESHOLD_SIZE  || entry.getSize() == -1) {
+                final var size = entry.getSize();
+                totalEntryArchive++;
+                totalSizeEntry += size;
+                if (totalSizeEntry > THRESHOLD_SIZE || size == -1) {
                     throw new IllegalStateException("File to be unzipped too big.");
                 }
+
+                final long compressionRatio = totalSizeEntry / entry.getCompressedSize();
+                if (compressionRatio > THRESHOLD_RATIO) {
+                    return Single.error(new Exception("Wrong file type, threshold to high."));
+                }
+
+                if (totalEntryArchive > THRESHOLD_ENTRIES) {
+                    // too much entries in this archive, can lead to inodes exhaustion of the system
+                    return Single.error(new Exception("Too many files"));
+                }
+
                 final String entryName = entry.getName();
                 if (!entryName.endsWith(CSV_EXTENSION)) {
                     return Single.error(new Exception("Wrong file type :" + entryName));
"oam_nf_oam_adopter"