Code Review / policy / engine.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 881074d)
Fix Fortify Log Forging Issue 07/32407/2
authorguangxingwang <gw1218@att.com>
Wed, 21 Feb 2018 15:22:12 +0000 (09:22 -0600)
committerguangxingwang <gw1218@att.com>
Wed, 21 Feb 2018 16:18:54 +0000 (10:18 -0600)
Fix Fortify log forging issue by removing properties info from logging.

Issue-ID: POLICY-544
Change-Id: I6e7d39abe18698f864564844963d7bbddedd2e3b
Signed-off-by: guangxingwang <gw1218@att.com>
ONAP-XACML/src/main/java/org/onap/policy/xacml/std/pap/StdEngine.java patch | blob | history

diff --git a/ONAP-XACML/src/main/java/org/onap/policy/xacml/std/pap/StdEngine.java b/ONAP-XACML/src/main/java/org/onap/policy/xacml/std/pap/StdEngine.java
index 4399f71..273383a 100644 (file)
--- a/ONAP-XACML/src/main/java/org/onap/policy/xacml/std/pap/StdEngine.java
+++ b/ONAP-XACML/src/main/java/org/onap/policy/xacml/std/pap/StdEngine.java
@@ -320,7 +320,7 @@ public class StdEngine extends StdPDPItemSetChangeNotifier implements PAPPolicyE
                // If it exists already
                //
                if (Files.exists(groupPath)) {
-                       logger.warn(addGroup + id + " directory exists" + groupPath.toString());
+                       logger.warn(addGroup + id + " directory exists");
                } else {
                        try {
                                //
@@ -338,7 +338,7 @@ public class StdEngine extends StdPDPItemSetChangeNotifier implements PAPPolicyE
 
                Path policyProperties = Paths.get(groupPath.toString(), "xacml.policy.properties");
                if (Files.exists(policyProperties)) {
-                       logger.warn(addGroup + id + " file exists: " + policyProperties.toString());
+                       logger.warn(addGroup + id + " file exists");
                } else {
                        Properties props = new Properties();
                        props.setProperty(XACMLProperties.PROP_REFERENCEDPOLICIES, "");
@@ -359,7 +359,7 @@ public class StdEngine extends StdPDPItemSetChangeNotifier implements PAPPolicyE
                Path pipProperties = Paths.get(groupPath.toString(), "xacml.pip.properties");
                Properties props = new Properties();
                if (Files.exists(pipProperties)) {
-                       logger.warn(addGroup + id + " file exists: " + pipProperties.toString());
+                       logger.warn(addGroup + id + " file exists.");
                } else {
                        try {
                                props = setPIPProperties(props);
-- Archived 06/09/2021