From 711e342972dea43dffbaac1cc84b4269e4fe8e95 Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Wed, 17 Apr 2024 09:38:11 -0400
Subject: [PATCH] Modify controller class to handle UnmarshalException caused
 by invalid xml to prevent frontend error

---
 .../rim/BaseReferenceManifest.java            | 36 ++++++++++++-------
 .../provision/IdentityClaimProcessor.java     |  5 +--
 HIRS_AttestationCAPortal/build.gradle         |  2 ++
 .../ReferenceManifestPageController.java      | 16 ++++++---
 .../src/main/webapp/WEB-INF/jsp/error.jsp     |  2 +-
 5 files changed, 40 insertions(+), 21 deletions(-)

diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java
index c5da6001..bf16cfd3 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java
@@ -91,7 +91,7 @@ public class BaseReferenceManifest extends ReferenceManifest {
      * @param rimBytes - the file content of the uploaded file.
      * @throws IOException - thrown if the file is invalid.
      */
-    public BaseReferenceManifest(final byte[] rimBytes) throws IOException {
+    public BaseReferenceManifest(final byte[] rimBytes) throws UnmarshalException {
         this("", rimBytes);
     }
 
@@ -104,7 +104,8 @@ public class BaseReferenceManifest extends ReferenceManifest {
      * @throws IOException if unable to unmarshal the string
      */
     @SuppressWarnings("checkstyle:AvoidInlineConditionals")
-    public BaseReferenceManifest(final String fileName, final byte[] rimBytes) throws IOException {
+    public BaseReferenceManifest(final String fileName, final byte[] rimBytes)
+            throws UnmarshalException {
         super(rimBytes);
         this.setRimType(BASE_RIM);
         this.setFileName(fileName);
@@ -219,16 +220,24 @@ public class BaseReferenceManifest extends ReferenceManifest {
      * @param byteArrayInputStream the location of the file to be validated
      */
     private Element getDirectoryTag(final ByteArrayInputStream byteArrayInputStream) {
-        Document document = unmarshallSwidTag(byteArrayInputStream);
-        Element softwareIdentity =
-                (Element) document.getElementsByTagNameNS(
-                        SwidTagConstants.SWIDTAG_NAMESPACE,"SoftwareIdentity").item(0);
-        if (softwareIdentity != null) {
-            Element directory = (Element) document.getElementsByTagName("Directory").item(0);
+        Document document = null;
+        try {
+            document = unmarshallSwidTag(byteArrayInputStream);
+        } catch (UnmarshalException e) {
+            log.error("Error while parsing Directory tag: " + e.getMessage());
+        }
+        if (document != null) {
+            Element softwareIdentity =
+                    (Element) document.getElementsByTagNameNS(
+                            SwidTagConstants.SWIDTAG_NAMESPACE, "SoftwareIdentity").item(0);
+            if (softwareIdentity != null) {
+                Element directory = (Element) document.getElementsByTagNameNS(
+                        SwidTagConstants.SWIDTAG_NAMESPACE, "Directory").item(0);
 
-            return directory;
-        } else {
-            log.error("Invalid xml for validation, please verify ");
+                return directory;
+            } else {
+                log.error("Invalid xml for validation, please verify ");
+            }
         }
 
         return null;
@@ -273,7 +282,8 @@ public class BaseReferenceManifest extends ReferenceManifest {
      * @param byteArrayInputStream to the input swidtag
      * @return the Document element at the root of the swidtag
      */
-    private Document unmarshallSwidTag(final ByteArrayInputStream byteArrayInputStream) {
+    private Document unmarshallSwidTag(final ByteArrayInputStream byteArrayInputStream)
+            throws UnmarshalException {
         InputStream is = null;
         Document document = null;
         Unmarshaller unmarshaller = null;
@@ -293,7 +303,7 @@ public class BaseReferenceManifest extends ReferenceManifest {
         } catch (SAXException e) {
             log.error("Error setting schema for validation!");
         } catch (UnmarshalException e) {
-            log.error("Error validating swidtag file!");
+            throw new UnmarshalException("Error validating swidtag file");
         } catch (IllegalArgumentException e) {
             log.error("Input file empty.");
         } catch (JAXBException e) {
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
index 6151ac0f..75b83aa2 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
@@ -41,6 +41,7 @@ import hirs.utils.SwidResource;
 import hirs.utils.enums.DeviceInfoEnums;
 import hirs.utils.tpm.eventlog.TCGEventLog;
 import hirs.utils.tpm.eventlog.TpmPcrEvent;
+import jakarta.xml.bind.UnmarshalException;
 import lombok.extern.log4j.Log4j2;
 import org.apache.commons.codec.binary.Hex;
 import org.apache.commons.lang3.ArrayUtils;
@@ -420,8 +421,8 @@ public class IdentityClaimProcessor extends AbstractProcessor {
                         }
                     }
                     tagId = dbBaseRim.getTagId();
-                } catch (IOException ioEx) {
-                    log.error(ioEx);
+                } catch (UnmarshalException e) {
+                    log.error(e);
                 }
             }
         } else {
diff --git a/HIRS_AttestationCAPortal/build.gradle b/HIRS_AttestationCAPortal/build.gradle
index 3a6ad9c0..948baa27 100644
--- a/HIRS_AttestationCAPortal/build.gradle
+++ b/HIRS_AttestationCAPortal/build.gradle
@@ -41,6 +41,8 @@ dependencies {
     implementation libs.bouncycastle
     implementation libs.guava
     implementation libs.jakarta.servlet
+    implementation libs.jakarta.api
+    implementation libs.jakarta.xml
 
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-validation'
diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
index b934004a..937bb4c9 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
@@ -19,6 +19,7 @@ import hirs.utils.tpm.eventlog.TpmPcrEvent;
 import jakarta.persistence.EntityManager;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
+import jakarta.xml.bind.UnmarshalException;
 import lombok.extern.log4j.Log4j2;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.PageRequest;
@@ -393,23 +394,28 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
         try {
             if (supportRIM) {
                 supportRim = new SupportReferenceManifest(fileName, fileBytes);
-                if (referenceManifestRepository.findByHexDecHashAndRimType(supportRim.getHexDecHash(),
-                        supportRim.getRimType()) == null) {
+                if (referenceManifestRepository.findByHexDecHashAndRimType(
+                        supportRim.getHexDecHash(), supportRim.getRimType()) == null) {
                     supportRims.add(supportRim);
                     messages.addInfo("Saved Reference Manifest " + fileName);
                 }
             } else {
                 baseRim = new BaseReferenceManifest(fileName, fileBytes);
-                if (referenceManifestRepository.findByHexDecHashAndRimType(baseRim.getHexDecHash(),
-                        baseRim.getRimType()) == null) {
+                if (referenceManifestRepository.findByHexDecHashAndRimType(
+                        baseRim.getHexDecHash(), baseRim.getRimType()) == null) {
                     baseRims.add(baseRim);
                 }
             }
         } catch (IOException | NullPointerException ioEx) {
             final String failMessage
-                    = String.format("Failed to parse uploaded file (%s): ", fileName);
+                    = String.format("Failed to parse support RIM file (%s): ", fileName);
             log.error(failMessage, ioEx);
             messages.addError(failMessage + ioEx.getMessage());
+        } catch (UnmarshalException e) {
+            final String failMessage
+                    = String.format("Failed to parse base RIM file (%s): ", fileName);
+            log.error(failMessage, e);
+            messages.addError(failMessage + e.getMessage());
         }
     }
 
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/error.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/error.jsp
index 88bb8877..bf06bdf4 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/error.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/error.jsp
@@ -9,7 +9,7 @@
     <jsp:attribute name="pageHeaderTitle">Error - 404</jsp:attribute>
 
     <jsp:body>
-        <!--<div> Exception Message: <c:out value="${exception}"</c:out></div>
+        <!--<div> Exception Message: <c:out value="${exception}"/></div>
         <div> from URL -> <span th:text="${url}"</span></div>-->
     </jsp:body>
 </my:page>
\ No newline at end of file