From 307d0014124de40826d1af537c0e463a9dcf594d Mon Sep 17 00:00:00 2001 From: "aravind.est" Date: Tue, 22 Aug 2023 16:59:09 +0100 Subject: [PATCH] Fix security hotspot and improve coverage Fix security hotspot. Improve coverage by adding annotation to Lombok generated methods. Issue-ID: NONRTRIC-910 Signed-off-by: aravind.est Change-Id: Iaad64c87271ab219cd0d4a7e4b91885b77633c24 --- lombok.config | 2 ++ .../rappmanager/models/csar/RappCsarConfigurationHandler.java | 9 ++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100755 lombok.config diff --git a/lombok.config b/lombok.config new file mode 100755 index 0000000..b2e2986 --- /dev/null +++ b/lombok.config @@ -0,0 +1,2 @@ +config.stopbubbling=true +lombok.addLombokGeneratedAnnotation=true \ No newline at end of file diff --git a/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java b/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java index bbf59bb..e088463 100755 --- a/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java +++ b/rapp-manager-models/src/main/java/com/oransc/rappmanager/models/csar/RappCsarConfigurationHandler.java @@ -53,9 +53,12 @@ public class RappCsarConfigurationHandler { public boolean isValidRappPackage(MultipartFile multipartFile) { - return multipartFile != null && multipartFile.getOriginalFilename() != null - && multipartFile.getOriginalFilename().endsWith(".csar") && isFileExistsInCsar(multipartFile, - ACM_COMPOSITION_JSON_LOCATION); + String originalFilename = multipartFile.getOriginalFilename(); + if (originalFilename != null) { + return originalFilename.endsWith(".csar") && isFileExistsInCsar(multipartFile, + ACM_COMPOSITION_JSON_LOCATION); + } + return false; } boolean isFileExistsInCsar(MultipartFile multipartFile, String fileLocation) { -- 2.16.6