Code Review / vnfsdk / refrepo.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (from parent 1: a411571)
Changed the code to not log user-controlled data. 68/128868/1
authorsharath reddy <bs.reddy@huawei.com>
Tue, 26 Apr 2022 06:02:13 +0000 (11:32 +0530)
committersharath reddy <bs.reddy@huawei.com>
Tue, 26 Apr 2022 06:03:27 +0000 (11:33 +0530)
Issue-ID: VNFSDK-834

Signed-off-by: sharath reddy <bs.reddy@huawei.com>
Change-Id: If24a646ce4d8b239f1866c6fb7b446f0ce2e3f53

vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java patch | blob | history

diff --git a/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java b/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java
index 5fb41dd..c3cd60b 100644 (file)
--- a/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java
+++ b/vnfmarket-be/vnf-sdk-marketplace/src/main/java/org/onap/vnfsdk/marketplace/db/wrapper/PackageHandler.java
@@ -17,7 +17,9 @@ package org.onap.vnfsdk.marketplace.db.wrapper;
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Objects;
 
+import org.apache.commons.lang3.StringUtils;
 import org.onap.vnfsdk.marketplace.db.common.MarketplaceResourceType;
 import org.onap.vnfsdk.marketplace.db.entity.PackageData;
 import org.onap.vnfsdk.marketplace.db.exception.MarketplaceResourceException;
@@ -74,11 +76,18 @@ public class PackageHandler extends BaseHandler<PackageData> {
      * @return PackageData list
      * @throws MarketplaceResourceException e
      */
+    private String loggerPatternBreaking(String loggerInput) {
+return Objects.nonNull(loggerInput) ? loggerInput.replaceAll("[\n\r\t]", "_") : StringUtils.EMPTY;
+
+}
+
     public List<PackageData> queryByID(String csarID)
             throws MarketplaceResourceException {
         logger.info("packageHandler:start query package info.");
         List<PackageData> data = new ArrayList<>();
-        logger.info("packageHandler:start query data .info:{}" , csarID);
+        if (logger.isInfoEnabled()) {
+        logger.info("packageHandler:start query data .info:{}" , loggerPatternBreaking(csarID));
+        }
         IMarketplaceDao dao = new MarketplaceDaoImpl();
         Object result = dao.getPackageData(csarID);
         if (result != null) {
@@ -96,4 +105,3 @@ public class PackageHandler extends BaseHandler<PackageData> {
         throw new UnsupportedOperationException();
     }
 }
-
This repository is for a reference vnf repository