Merge "Fix Main Vulnerabilities"

[dmaap/datarouter.git] / datarouter-node / src / main / java / org / onap / dmaap / datarouter / node / NodeServlet.java

diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
index e5eb2ed..51e5992 100644 (file)
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
@@ -68,18 +68,15 @@ public class NodeServlet extends HttpServlet {
         .getLogger("org.onap.dmaap.datarouter.node.NodeServlet");
 
     static {
-        try {
-            final String ws = "\\s*";
-            // assume that \\ and \" have been replaced by X
-            final String string = "\"[^\"]*\"";
-            //String string = "\"(?:[^\"\\\\]|\\\\.)*\"";
-            final String number = "[+-]?(?:\\.\\d+|(?:0|[1-9]\\d*)(?:\\.\\d*)?)(?:[eE][+-]?\\d+)?";
-            final String value = "(?:" + string + "|" + number + "|null|true|false)";
-            final String item = string + ws + ":" + ws + value + ws;
-            final String object = ws + "\\{" + ws + "(?:" + item + "(?:" + "," + ws + item + ")*)?\\}" + ws;
-            MetaDataPattern = Pattern.compile(object, Pattern.DOTALL);
-        } catch (Exception e) {
-        }
+        final String ws = "\\s*";
+        // assume that \\ and \" have been replaced by X
+        final String string = "\"[^\"]*\"";
+        //String string = "\"(?:[^\"\\\\]|\\\\.)*\"";
+        final String number = "[+-]?(?:\\.\\d+|(?:0|[1-9]\\d*)(?:\\.\\d*)?)(?:[eE][+-]?\\d+)?";
+        final String value = "(?:" + string + "|" + number + "|null|true|false)";
+        final String item = string + ws + ":" + ws + value + ws;
+        final String object = ws + "\\{" + ws + "(?:" + item + "(?:" + "," + ws + item + ")*)?\\}" + ws;
+        MetaDataPattern = Pattern.compile(object, Pattern.DOTALL);
     }
 
     /**
@@ -140,15 +137,16 @@ public class NodeServlet extends HttpServlet {
     /**
      * Handle all PUT requests
      */
-    protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+    protected void doPut(HttpServletRequest req, HttpServletResponse resp) {
         NodeUtils.setIpAndFqdnForEelf("doPut");
         eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader("X-ATT-DR-ON-BEHALF-OF"),
             getIdFromPath(req) + "");
         try {
             common(req, resp, true);
-        }
-        catch(IOException ioe){
+        } catch(IOException ioe){
             logger.error("IOException" + ioe.getMessage());
+        } catch(ServletException se){
+            logger.error("ServletException" + se.getMessage());
         }
     }
 
@@ -161,9 +159,10 @@ public class NodeServlet extends HttpServlet {
             getIdFromPath(req) + "");
         try {
             common(req, resp, false);
-        }
-        catch(IOException ioe){
+        } catch(IOException ioe){
             logger.error("IOException" + ioe.getMessage());
+        } catch(ServletException se){
+            logger.error("ServletException" + se.getMessage());
         }
     }
 
@@ -280,9 +279,8 @@ public class NodeServlet extends HttpServlet {
         File data = new File(fbase);
         File meta = new File(fbase + ".M");
         OutputStream dos = null;
-        Writer mw = null;
         InputStream is = null;
-        try {
+        try (Writer mw = new FileWriter(meta)){
             StringBuffer mx = new StringBuffer();
             mx.append(req.getMethod()).append('\t').append(fileid).append('\n');
             Enumeration hnames = req.getHeaderNames();
@@ -356,12 +354,10 @@ public class NodeServlet extends HttpServlet {
                 }
                 String dbase = di.getSpool() + "/" + pubid;
                 Files.createLink(Paths.get(dbase), dpath);
-                mw = new FileWriter(meta);
                 mw.write(metadata);
                 if (di.getSubId() == null) {
                     mw.write("X-ATT-DR-ROUTING\t" + t.getRouting() + "\n");
                 }
-                mw.close();
                 meta.renameTo(new File(dbase + ".M"));
             }
             resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
@@ -386,12 +382,6 @@ public class NodeServlet extends HttpServlet {
                 } catch (Exception e) {
                 }
             }
-            if (mw != null) {
-                try {
-                    mw.close();
-                } catch (Exception e) {
-                }
-            }
             try {
                 data.delete();
             } catch (Exception e) {