From: aravind.est Date: Tue, 22 Aug 2023 15:59:09 +0000 (+0100) Subject: Fix security hotspot and improve coverage X-Git-Tag: 0.0.1~48 X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F60%2F11660%2F1;p=nonrtric%2Fplt%2Frappmanager.git Fix security hotspot and improve coverage Fix security hotspot. Improve coverage by adding annotation to Lombok generated methods. Issue-ID: NONRTRIC-910 Signed-off-by: aravind.est Change-Id: Iaad64c87271ab219cd0d4a7e4b91885b77633c24 --- diff --git a/lombok.config b/lombok.config new file mode 100755 index 0000000..b2e2986 --- /dev/null +++ b/lombok.config @@ -0,0 +1,2 @@ +config.stopbubbling=true +lombok.addLombokGeneratedAnnotation=true \ No newline at end of file diff --git a/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java b/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java index bbf59bb..e088463 100755 --- a/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java +++ b/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java @@ -53,9 +53,12 @@ public class RappCsarConfigurationHandler { public boolean isValidRappPackage(MultipartFile multipartFile) { - return multipartFile != null && multipartFile.getOriginalFilename() != null - && multipartFile.getOriginalFilename().endsWith(".csar") && isFileExistsInCsar(multipartFile, - ACM_COMPOSITION_JSON_LOCATION); + String originalFilename = multipartFile.getOriginalFilename(); + if (originalFilename != null) { + return originalFilename.endsWith(".csar") && isFileExistsInCsar(multipartFile, + ACM_COMPOSITION_JSON_LOCATION); + } + return false; } boolean isFileExistsInCsar(MultipartFile multipartFile, String fileLocation) {