[ofbiz-framework] branch trunk updated: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
Locked
[ofbiz-framework] branch trunk updated: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
 
|
This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git The following commit(s) were added to refs/heads/trunk by this push: new 89b2dba Improved: Handle remaining checkstyle errors (OFBIZ-12169) 89b2dba is described below commit 89b2dbaec9be221770477a01a1479d965d572451 Author: Jacques Le Roux <[hidden email]> AuthorDate: Sat Feb 13 10:42:32 2021 +0100 Improved: Handle remaining checkstyle errors (OFBIZ-12169) As I mentioned I copied and adapted the code from document-upload-protection sanitizer. Focused on the issue at hand I did not take care much about the style. Finally (pun intended ;)) I prefer to use a try-with-ressource for fos. Thanks: Wiebke for proposing another solution at https://github.com/apache/ofbiz-framework/pull/267/commits/51e82c66989b093392a06cb800fc84a7e413fe45 --- .../org/apache/ofbiz/security/SecuredUpload.java | 27 ++++++++-------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java b/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java index fe68a73..4ab32ad 100644 --- a/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java +++ b/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java @@ -234,8 +234,8 @@ public class SecuredUpload { File file = new File(fileName); boolean safeState = false; boolean fallbackOnApacheCommonsImaging; - try { - if ((file != null) && file.exists() && file.canRead() && file.canWrite()) { + if ((file != null) && file.exists() && file.canRead() && file.canWrite()) { + try (OutputStream fos = Files.newOutputStream(file.toPath(), StandardOpenOption.WRITE)) { // Get the image format String formatName; ImageInputStream iis = ImageIO.createImageInputStream(file); @@ -285,7 +285,7 @@ public class SecuredUpload { Graphics bg = sanitizedImage.getGraphics(); bg.drawImage(initialSizedImage, 0, 0, null); bg.dispose(); - OutputStream fos = Files.newOutputStream(file.toPath(), StandardOpenOption.WRITE); + if (!fallbackOnApacheCommonsImaging) { ImageIO.write(sanitizedImage, formatName, fos); } else { @@ -293,35 +293,28 @@ public class SecuredUpload { // Handle only formats for which Apache Commons Imaging can successfully write (YES in Write column of the reference link) // the image format. See reference link in the class header switch (formatName) { - case "TIFF": { + case "TIFF": imageParser = new TiffImageParser(); break; - } - case "GIF": { + case "GIF": imageParser = new GifImageParser(); break; - } - case "PNG": { + case "PNG": imageParser = new PngImageParser(); break; - } - case "JPEG": { + case "JPEG": imageParser = new JpegImageParser(); break; - } - default: { + default: throw new IOException("Format of the original image " + fileName + " is not supported for write operation !"); } - } imageParser.writeImage(sanitizedImage, fos, new HashMap<>()); } // Set state flag - fos.close(); // This was not correctly handled in the document-upload-protection example, and I did not spot it :/ safeState = true; + } catch (IOException | ImageReadException | ImageWriteException e) { + Debug.logWarning(e, "Error during Image file " + fileName + " processing !", MODULE); } - } catch (IOException | ImageReadException | ImageWriteException e) { - safeState = false; - Debug.logWarning(e, "Error during Image file " + fileName + " processing !", MODULE); } return safeState; } |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |