mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-15 01:10:39 +00:00
Check upload file extensions
This commit is contained in:
parent
b70aae8a82
commit
f875a2c981
@ -62,7 +62,8 @@ import java.util.zip.ZipOutputStream;
|
|||||||
@RequestMapping("/HIRS_AttestationCAPortal/portal/reference-manifests")
|
@RequestMapping("/HIRS_AttestationCAPortal/portal/reference-manifests")
|
||||||
public class ReferenceManifestPageController extends PageController<NoPageParams> {
|
public class ReferenceManifestPageController extends PageController<NoPageParams> {
|
||||||
|
|
||||||
private static final String LOG_FILE_PATTERN = "([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)";
|
private static final String BASE_RIM_FILE_PATTERN = "([^\\s]+(\\.(?i)swidtag)$)";
|
||||||
|
private static final String SUPPORT_RIM_FILE_PATTERN = "([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)";
|
||||||
|
|
||||||
@Autowired(required = false)
|
@Autowired(required = false)
|
||||||
private EntityManager entityManager;
|
private EntityManager entityManager;
|
||||||
@ -156,9 +157,11 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
|||||||
Map<String, Object> model = new HashMap<>();
|
Map<String, Object> model = new HashMap<>();
|
||||||
PageMessages messages = new PageMessages();
|
PageMessages messages = new PageMessages();
|
||||||
String fileName;
|
String fileName;
|
||||||
Pattern logPattern = Pattern.compile(LOG_FILE_PATTERN);
|
Pattern baseRimPattern = Pattern.compile(BASE_RIM_FILE_PATTERN);
|
||||||
|
Pattern supportRimPattern = Pattern.compile(SUPPORT_RIM_FILE_PATTERN);
|
||||||
Matcher matcher;
|
Matcher matcher;
|
||||||
boolean supportRIM = false;
|
boolean isBaseRim = false;
|
||||||
|
boolean isSupportRim = false;
|
||||||
List<BaseReferenceManifest> baseRims = new ArrayList<>();
|
List<BaseReferenceManifest> baseRims = new ArrayList<>();
|
||||||
List<SupportReferenceManifest> supportRims = new ArrayList<>();
|
List<SupportReferenceManifest> supportRims = new ArrayList<>();
|
||||||
log.info(String.format("Processing %s uploaded files", files.length));
|
log.info(String.format("Processing %s uploaded files", files.length));
|
||||||
@ -166,11 +169,23 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
|||||||
// loop through the files
|
// loop through the files
|
||||||
for (MultipartFile file : files) {
|
for (MultipartFile file : files) {
|
||||||
fileName = file.getOriginalFilename();
|
fileName = file.getOriginalFilename();
|
||||||
matcher = logPattern.matcher(fileName);
|
matcher = baseRimPattern.matcher(fileName);
|
||||||
supportRIM = matcher.matches();
|
isBaseRim = matcher.matches();
|
||||||
|
if (!isBaseRim) {
|
||||||
|
matcher = supportRimPattern.matcher(fileName);
|
||||||
|
isSupportRim = matcher.matches();
|
||||||
|
}
|
||||||
|
if (!isBaseRim && !isSupportRim) {
|
||||||
|
String errorString = "The file extension of " + fileName + " was not recognized." +
|
||||||
|
" Base RIMs support the extension \".swidtag\", and support RIMs support " +
|
||||||
|
"\".rimpcr\", \".rimel\", \".bin\", and \".log\". " +
|
||||||
|
"Please verify your upload and retry.";
|
||||||
|
log.error("File extension in " + fileName + " not recognized as base or support RIM.");
|
||||||
|
messages.addError(errorString);
|
||||||
|
} else {
|
||||||
//Parse reference manifests
|
//Parse reference manifests
|
||||||
parseRIM(file, supportRIM, messages, baseRims, supportRims);
|
parseRIM(file, isSupportRim, messages, baseRims, supportRims);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
baseRims.stream().forEach((rim) -> {
|
baseRims.stream().forEach((rim) -> {
|
||||||
log.info(String.format("Storing swidtag %s", rim.getFileName()));
|
log.info(String.format("Storing swidtag %s", rim.getFileName()));
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
<jsp:attribute name="pageHeaderTitle">Error - 404</jsp:attribute>
|
<jsp:attribute name="pageHeaderTitle">Error - 404</jsp:attribute>
|
||||||
|
|
||||||
<jsp:body>
|
<jsp:body>
|
||||||
<!--<div> Exception Message: <c:out value="${exception}"/></div>
|
<!--<div> Exception Message: <c:out value="${exception}"></c:out></div>
|
||||||
<div> from URL -> <span th:text="${url}"</span></div>-->
|
<div> from URL -> <span th:text="${url}"</span></div>-->
|
||||||
</jsp:body>
|
</jsp:body>
|
||||||
</my:page>
|
</my:page>
|
Loading…
Reference in New Issue
Block a user