Removing jackson to mitigate cve-2017-4995

[vfc/nfvo/driver/vnfm/svnfm.git] / nokiav2 / driver / src / main / java / org / onap / vfc / nfvo / driver / vnfm / svnfm / nokia / spring / RealConfig.java

diff --git a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/RealConfig.java b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/RealConfig.java
index f9b2e39..7ab14e8 100644 (file)
--- a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/RealConfig.java
+++ b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/RealConfig.java
@@ -15,15 +15,16 @@
  */
 package org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.spring;
 
+import com.google.gson.Gson;
+import com.nokia.cbam.lcn.v32.JSON;
+import java.util.ArrayList;
+import java.util.Collection;
 import org.springframework.boot.autoconfigure.http.HttpMessageConverters;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.GsonHttpMessageConverter;
 
-import java.util.ArrayList;
-import java.util.Collection;
-
 /**
  * Responsible for configuring the raw REST input conversion
  */
@@ -40,7 +41,8 @@ public class RealConfig {
     @Bean
     public HttpMessageConverters customConverters() {
         Collection<HttpMessageConverter<?>> messageConverters = new ArrayList<>();
-        GsonHttpMessageConverter gsonHttpMessageConverter = new GsonHttpMessageConverter();
+        Gson gson = new JSON().getGson();
+        GsonHttpMessageConverter gsonHttpMessageConverter = new GsonHttpMessageConverter(gson);
         messageConverters.add(gsonHttpMessageConverter);
         return new HttpMessageConverters(true, messageConverters);
     }