/**
 * Juliet CWE379 "bad" variant: (re)creates a directory under the test tree and drops a file
 * into it without setting any permissions on the new directory — whatever the platform grants
 * by default is what the directory ends up with. The flaw is intentional and preserved.
 *
 * @throws Throwable propagated from the file-system helpers
 */
public void bad() throws Throwable {
    /* may have to be changed depending on script */
    final String dirPath = ".\\src\\testcases\\CWE379_File_Creation_in_Insecure_Dir\\insecureDir";
    /* POSSIBLE FLAW: potentially insecure directory permissions */
    final File target = new File(dirPath);

    if (target.exists()) {
        IO.writeLine("Directory already exists");
        if (!target.delete()) {
            return; // stale directory could not be removed; give up
        }
        IO.writeLine("Directory deleted");
    }

    if (!target.getParentFile().canWrite()) {
        IO.writeLine("Cannot write to parent dir");
    }

    try {
        if (target.mkdir()) {
            IO.writeLine("Directory created");
            // result of createNewFile() is ignored, as in the original test case
            new File(target.getAbsolutePath() + "\\newFile.txt").createNewFile();
        }
    } catch (Exception e) {
        System.out.println(e.getMessage());
    }
}
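/**
 * Juliet CWE379 "good" variant: (re)creates a directory under the test tree, restricts its
 * permissions, then drops a file into it.
 *
 * <p>The permission calls ({@code setExecutable}/{@code setReadable}/{@code setWritable}) apply
 * to the path as it exists on disk, so they are issued after {@code mkdir()} has succeeded;
 * previously they ran before the directory existed and therefore had nothing to act on. Their
 * boolean results are still ignored, as in the original test case. NOTE(review): the paths are
 * Windows-style; on a POSIX system clearing the owner's write/execute bits on the directory
 * would make the subsequent file creation fail — confirm the intended platform.
 *
 * @throws Throwable propagated from the file-system helpers
 */
private void good1() throws Throwable {
    final String dirPath = ".\\src\\testcases\\CWE379_File_Creation_in_Insecure_Dir\\basic\\insecureDir";
    final File target = new File(dirPath);

    if (target.exists()) {
        IO.writeLine("Directory already exists");
        if (!target.delete()) {
            return; // stale directory could not be removed; give up
        }
        IO.writeLine("Directory deleted");
    }

    if (!target.getParentFile().canWrite()) {
        IO.writeLine("Cannot write to parent dir");
    }

    try {
        if (target.mkdir()) {
            IO.writeLine("Directory created");
            /* FIX: explicitly set directory permissions, now that the directory exists */
            target.setExecutable(false, true);
            target.setReadable(true);
            target.setWritable(false, true);
            // result of createNewFile() is ignored, as in the original test case
            new File(target.getAbsolutePath() + "\\newFile.txt").createNewFile();
        }
    } catch (Exception e) {
        System.out.println(e.getMessage());
    }
}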
/**
 * Wires the persistence helpers against {@code lowLevelDbAccess}, points this web-app context at
 * {@code webDir} and registers every route in {@code PATH_MAPPING}: as a precompiled
 * {@code jsp.*_jsp} class when running from a jar, as a redirect to the {@code .jsp} file
 * otherwise. Finally installs the {@code ReaderErrorHandler}.
 *
 * @param lowLevelDbAccess shared low-level database handle for all DB helpers
 * @param webDir directory of the web resources, used (as an absolute path) as the WAR location
 */
public ReaderHandler(LowLevelDbAccess lowLevelDbAccess, String webDir) {
    loginInfoDb = new LoginInfo.DB(lowLevelDbAccess);
    userDb = new User.DB(lowLevelDbAccess);
    feedDb = new Feed.DB(lowLevelDbAccess);
    articleDb = new Article.DB(lowLevelDbAccess);
    readArticlesCollDb = new ReadArticlesColl.DB(lowLevelDbAccess);
    userHelpers = new UserHelpers(loginInfoDb, userDb);

    setContextPath("/");
    setWar(new File(webDir).getAbsolutePath());

    // Decide once how JSP routes are served, then register each mapping the same way.
    final boolean usePrebuiltJsps = isInJar;
    for (Map.Entry<String, String> route : PATH_MAPPING.entrySet()) {
        final String urlPattern = route.getKey();
        final String jspName = route.getValue();
        if (usePrebuiltJsps) {
            // precompiled JSP class names spell '_' as "_005f"
            addPrebuiltJsp(urlPattern, "jsp." + jspName.replaceAll("_", "_005f") + "_jsp");
        } else {
            addServlet(new ServletHolder(new RedirectServlet("/" + jspName + ".jsp")), urlPattern);
        }
    }

    setErrorHandler(new ReaderErrorHandler());
}
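/**
 * Streams the compiled JasperReport ({@code .jasper}) for the requested report to the response,
 * (re)compiling it from the report XML when the compiled file is missing or older than the XML.
 * The report is located either by {@code id} or by {@code table} + {@code type}.
 *
 * <p>The original note says this page should only be viewable from localhost for security
 * reasons; no such check is made in this method, so it must be enforced by the caller or a
 * filter (NOTE(review): confirm that it is). The input stream is now closed in a
 * {@code finally} block, so a failure while copying no longer leaks the file handle.
 *
 * @param id - report id, or
 * @param table - table name
 * @param type - reporttype "s","l","o", case insensitive
 * @param client(*) - client domain
 * @param version - version number, default to -1 (read but not used by this method)
 * @throws NDSException when no report id can be resolved or the report XML does not exist
 * @throws Exception from report compilation or I/O
 */
public void process(HttpServletRequest request, HttpServletResponse response) throws Exception {
    String clientName = request.getParameter("client");
    int objectId = ParamUtils.getIntAttributeOrParameter(request, "id", -1);
    if (objectId == -1) {
        // try using table and type
        objectId = getReportId(clientName, request.getParameter("table"), request.getParameter("type"));
    }
    if (objectId == -1) {
        logger.error("report not found, request is:" + Tools.toString(request));
        throw new NDSException("report not found");
    }
    int version = ParamUtils.getIntAttributeOrParameter(request, "version", -1); // currently unused

    // NOTE(review): clientName is taken straight from the request; how ReportTools.getReportFile
    // turns it into a path is not visible here — confirm it cannot point outside the report dir.
    File reportXMLFile = new File(ReportTools.getReportFile(objectId, clientName));
    if (!reportXMLFile.exists()) {
        throw new NDSException("Not found report template");
    }

    // generate jasperreport if file not exists or not newer
    String xmlName = reportXMLFile.getName();
    String reportName = xmlName.substring(0, xmlName.lastIndexOf("."));
    File reportJasperFile = new File(reportXMLFile.getParent(), reportName + ".jasper");
    if (!reportJasperFile.exists() || reportJasperFile.lastModified() < reportXMLFile.lastModified()) {
        JasperCompileManager.compileReportToFile(
            reportXMLFile.getAbsolutePath(), reportJasperFile.getAbsolutePath());
    }

    // NOTE(review): kept verbatim for compatibility; the registered media type is
    // "application/octet-stream" (with a hyphen and no trailing semicolon).
    response.setContentType("application/octetstream;");
    response.setContentLength((int) reportJasperFile.length());
    // response.setHeader("Content-Disposition","inline;filename=\""+reportJasperFile.getName()+"\"");

    InputStream is = new FileInputStream(reportJasperFile);
    try {
        ServletOutputStream os = response.getOutputStream();
        byte[] buf = new byte[8192];
        int n;
        while ((n = is.read(buf, 0, buf.length)) != -1) {
            os.write(buf, 0, n);
        }
        os.flush();
        os.close();
    } finally {
        is.close(); // runs on the error path too
    }
}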
// Fireup tomcat and register this servlet public static void main(String[] args) throws LifecycleException, SQLException { Tomcat tomcat = new Tomcat(); tomcat.setPort(8080); File base = new File(System.getProperty("java.io.tmpdir")); Context rootCtx = tomcat.addContext("/", base.getAbsolutePath()); Tomcat.addServlet(rootCtx, "log", new LogService()); rootCtx.addServletMapping("/*", "log"); tomcat.start(); tomcat.getServer().await(); }
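/**
 * Builds an HTML-emitting {@link Transformer} from the stylesheet {@code <name>.xsl} in
 * {@code xslDir}, with indentation enabled at three spaces.
 *
 * <p>The stylesheet is handed to the factory as a {@code File}-backed {@link StreamSource}:
 * the factory opens and closes the stream itself (the previous {@code FileReader} was never
 * closed and decoded with the platform charset, ignoring the XML encoding declaration), and the
 * source carries a system id so relative {@code xsl:import}/{@code xsl:include} references can
 * resolve.
 *
 * <p>NOTE(review): {@code name} is concatenated into a file path; if it can originate from a
 * request, the caller must restrict it to a plain file name. Hardening the factory against
 * external entities (e.g. {@code XMLConstants.FEATURE_SECURE_PROCESSING}) also lies with the
 * caller, since {@code tf} is created elsewhere.
 *
 * @param name stylesheet base name, without the {@code .xsl} suffix
 * @param xslDir directory holding the stylesheets
 * @param tf factory used to compile the stylesheet
 * @return the configured transformer
 * @throws Exception if the stylesheet cannot be read or compiled
 */
private Transformer buildTransformer(String name, File xslDir, TransformerFactory tf) throws Exception {
    File stylesheet = new File(xslDir.getAbsolutePath(), name + ".xsl");
    Transformer tr = tf.newTransformer(new StreamSource(stylesheet));
    tr.setOutputProperty(OutputKeys.INDENT, "yes");
    tr.setOutputProperty(OutputKeys.METHOD, "html");
    // Xalan-specific output property controlling the indent width
    tr.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "3");
    return tr;
}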
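/**
 * Returns the adapter type for the given file. Will first use the adapter selector function if it
 * was specified in init.js, otherwise will use the static type (either set in _init file, as a
 * server-wide override in 10gen.properties, or default of DIRECT_10GEN)
 *
 * <p>Two hardenings over the previous version: a {@code null} file no longer reaches
 * {@code getAbsolutePath()} when a selector is configured (it falls back to the static type),
 * and the "is this file inside the application root" test requires a path-separator boundary,
 * so a sibling directory whose name merely starts with the root's name is no longer treated as
 * part of the application.
 *
 * @param file to produce type for; may be {@code null}
 * @return adapter type for the specified file
 */
public AdapterType getAdapterType(File file) {
    // Q : I think this is the right thing to do
    if (inScopeSetup()) {
        return AdapterType.DIRECT_10GEN;
    }
    /*
     * cheap hack - prevent any _init.* file from getting run as anythign but DIRECT_10GEN
     */
    if (file != null && file.getName().indexOf("_init.") != -1) {
        return AdapterType.DIRECT_10GEN;
    }
    if (_adapterSelector == null || file == null) {
        // no selector, or no path for the selector to decide on
        return _staticAdapterType;
    }
    /*
     * only let the app select type if file is part of application (i.e.
     * don't do it for corejs, core modules, etc...
     */
    String fp = file.getAbsolutePath();
    String fullRoot = _rootFile.getAbsolutePath();
    if (!isWithinRoot(fp, fullRoot)) {
        return AdapterType.DIRECT_10GEN;
    }
    Object o = _adapterSelector.call(_initScope, new JSString(fp.substring(fullRoot.length())));
    if (o == null) {
        return _staticAdapterType;
    }
    if (!(o instanceof JSString)) {
        log("Error : adapter selector not returning string. Ignoring and using static adapter type");
        return _staticAdapterType;
    }
    AdapterType t = getAdapterTypeFromString(o.toString());
    return (t == null ? _staticAdapterType : t);
}

/**
 * True when {@code path} equals {@code root} or lies below it. A bare {@code startsWith} is not
 * enough: a root named {@code app} is also a prefix of a sibling named {@code app2}. Paths are
 * compared as absolute strings, not canonicalised, so symlinks are not resolved — as before.
 */
private static boolean isWithinRoot(String path, String root) {
    if (path.equals(root)) {
        return true;
    }
    // a root that already ends with a separator (e.g. the file-system root) needs no extra one
    String prefix = root.endsWith(File.separator) ? root : root + File.separator;
    return path.startsWith(prefix);
}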
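/**
 * Handles a multipart upload: form fields are copied into {@code data}; each uploaded file is
 * stored under {@code Save_Folder_Name} inside the webapp — as {@code p<10 random digits><ext>},
 * or under the {@code name} parameter when one is given — its absolute path is recorded in
 * {@code data} and its stored name is written to the response. Files larger than
 * {@code maxSize} are deleted and answered with {@code "big"}; JPG/PNG/GIF files additionally
 * get a 250px {@code <name>_small.<ext>} copy. Files ending in {@code .exe} are not written.
 *
 * <p>Changes relative to the previous version: the {@code name} parameter is reduced to its
 * last path component and the target is checked (after canonicalisation) to lie inside the
 * upload folder, so a name containing {@code ..} segments or separators can no longer place a
 * file outside it; a stored name without an extension no longer throws from the thumbnail step;
 * the unused per-file name computation was dropped.
 *
 * <p>NOTE(review): {@code maxSize} is a servlet field overwritten from the request's own
 * {@code maxSize} parameter, so the client picks its own limit and concurrent requests race on
 * it; the {@code .exe} test is a suffix blocklist; {@code jjNumber.getRandom} is assumed to be
 * hard to predict. These are left as they were and deserve a separate review.
 *
 * @param request multipart request
 * @param response receives the stored file name, or {@code "big"}
 * @throws ServletException from {@code init}
 * @throws IOException if the response writer cannot be obtained
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    request.setCharacterEncoding("utf-8");
    if (jjNumber.isDigit(jjTools.getParameter(request, "maxSize"))) {
        maxSize = Long.parseLong(jjTools.getParameter(request, "maxSize"));
    }
    response.setCharacterEncoding("utf-8");
    String name = request.getParameter("name");
    name = name == null ? "" : name;
    response.setContentType("text/plain");
    super.init(getServletConfig()); // kept from the original; re-initialises on every request
    PrintWriter out = response.getWriter();

    DiskFileItemFactory fileItemFactory = new DiskFileItemFactory();
    try {
        ServletFileUpload uploadHandler = new ServletFileUpload(fileItemFactory);
        List<?> items = uploadHandler.parseRequest(request);
        for (Object parsed : items) {
            FileItem item = (FileItem) parsed;
            if (item.isFormField()) {
                data.put(item.getFieldName(), item.getString());
                continue;
            }

            File folderAddress = new File(request.getServletContext().getRealPath(Save_Folder_Name));
            folderAddress.mkdirs();

            // lower-cased extension (including the dot) of the client-supplied file name, if any
            String uploadedName = item.getName();
            String extension = "";
            if (uploadedName.lastIndexOf(".") > -1) {
                extension = uploadedName.substring(uploadedName.lastIndexOf(".")).toLowerCase();
            }

            // default target: "p" + 10 random digits + extension, re-drawn until unused
            File file = new File(folderAddress + "/p" + jjNumber.getRandom(10) + extension);
            while (file.exists()) {
                file = new File(folderAddress + "/p" + jjNumber.getRandom(10) + extension);
            }
            if (!name.equals("")) {
                // client-chosen name: only a plain file name inside the upload folder is accepted
                file = resolveInside(folderAddress, name);
                if (file == null) {
                    ServerLog.Print("Rejected upload name outside folder: " + name);
                    continue;
                }
            }

            data.put(item.getFieldName(), file.getAbsolutePath());
            if (!file.getName().toLowerCase().endsWith(".exe")) {
                item.write(file);
            }
            long size = file.length();
            ServerLog.Print("?>>>>>>" + file + " - Size:" + size);
            if (size > maxSize) {
                file.delete();
                out.print("big");
                continue;
            }
            out.print(
                file.getName()
                    .replace(" ", "%20")
                    .replace("<pre style=\"word-wrap: break-word; white-space: pre-wrap;\">", ""));
            ServerLog.Print("Write pic in: " + file + " size:" + file.length());

            // thumbnail for images; a stored name without an extension has nothing to resize
            String storedName = file.getName();
            int dot = storedName.lastIndexOf(".");
            if (dot < 0) {
                continue;
            }
            String baseName = storedName.substring(0, dot);
            String storedExt = storedName.substring(dot + 1);
            String lowerExt = storedExt.toLowerCase();
            if (lowerExt.equals("jpg") || lowerExt.equals("png") || lowerExt.equals("gif")) {
                File thumbnail = new File(file.getParent() + "/" + baseName + "_small." + storedExt);
                jjPicture.doChangeSizeOfPic(file, thumbnail, 250);
            }
        }
    } catch (Exception ex) {
        Server.ErrorHandler(ex);
    }
    out.flush();
    out.close();
}

/**
 * Resolves {@code clientName} as a plain file name inside {@code folder}. Returns {@code null}
 * when the last path component is empty or dot-only, or when the canonical target does not lie
 * inside the canonical folder.
 */
private static File resolveInside(File folder, String clientName) throws IOException {
    // strip any directory part, whichever separator the client used
    int cut = Math.max(clientName.lastIndexOf('/'), clientName.lastIndexOf('\\'));
    String leaf = clientName.substring(cut + 1);
    if (leaf.isEmpty() || leaf.equals(".") || leaf.equals("..")) {
        return null;
    }
    File candidate = new File(folder, leaf);
    String folderPath = folder.getCanonicalPath();
    String candidatePath = candidate.getCanonicalPath();
    if (!candidatePath.startsWith(folderPath + File.separator)) {
        return null;
    }
    return candidate;
}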
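/**
 * Exports the encounters matching the request's search parameters as a geneGIS-style CSV: a
 * header row, then per encounter the individual and alternate ids, date, time, latitude and
 * longitude, locality, location id, sex, haplotype and — when a {@code MicrosatelliteMarkers}
 * analysis exists on one of its tissue samples — the two alleles of each locus. The CSV is first
 * written to {@code <data dir>/encounters/geneGIS_export_<user>.csv} and then streamed back as
 * an attachment; on failure an HTML error page is written instead.
 *
 * <p>Changes relative to the previous version: the remote user name is restricted to
 * {@code [A-Za-z0-9._-]} (other characters become {@code _}) before it is used as a file-name
 * component and inside the {@code Content-Disposition} header; the CSV writer and the input
 * stream are closed in {@code finally} blocks rather than only on the success path; the CSV is
 * written as UTF-8 instead of the platform charset; the transaction is rolled back and closed in
 * a {@code finally}, so it is not skipped by anything escaping the catch blocks.
 *
 * <p>NOTE(review): the export file stays on disk under the data directory after the download and
 * is shared by all requests of the same user; and if a failure occurs after
 * {@code getOutputStream()} was obtained, the HTML error path's {@code getWriter()} itself
 * fails. Both are pre-existing and left as they were.
 *
 * @param request search parameters and the authenticated remote user
 * @param response receives the CSV attachment or an HTML error page
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the response cannot be written
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    Shepherd myShepherd = new Shepherd();

    // setup data dir (directories are assumed to exist, as before)
    String rootWebappPath = getServletContext().getRealPath("/");
    File webappsDir = new File(rootWebappPath).getParentFile();
    File shepherdDataDir = new File(webappsDir, CommonConfiguration.getDataDirectoryName());
    File encountersDir = new File(shepherdDataDir.getAbsolutePath() + "/encounters");

    // set up the files; the user name is sanitised so it is safe both as a path component
    // and inside the Content-Disposition header
    String safeUser = String.valueOf(request.getRemoteUser()).replaceAll("[^A-Za-z0-9._-]", "_");
    String gisFilename = "geneGIS_export_" + safeUser + ".csv";
    File gisFile = new File(encountersDir.getAbsolutePath() + "/" + gisFilename);

    myShepherd.beginDBTransaction();
    try {
        OutputStreamWriter outp = new OutputStreamWriter(new FileOutputStream(gisFile), "UTF-8");
        try {
            try {
                writeGeneGisCsv(outp, myShepherd, request);
            } finally {
                outp.close();
            }
            // now write out the file
            streamCsv(gisFile, gisFilename, response);
        } catch (Exception ioe) {
            ioe.printStackTrace();
            response.setContentType("text/html");
            PrintWriter out = response.getWriter();
            out.println(ServletUtilities.getHeader(request));
            out.println(
                "<html><body><p><strong>Error encountered</strong> with file writing. Check the relevant log.</p>");
            out.println(
                "<p>Please let the webmaster know you encountered an error at: EncounterSearchExportGeneGISFormat servlet</p></body></html>");
            out.println(ServletUtilities.getFooter());
            out.close();
        }
    } catch (Exception e) {
        e.printStackTrace();
        response.setContentType("text/html");
        PrintWriter out = response.getWriter();
        out.println(ServletUtilities.getHeader(request));
        out.println("<html><body><p><strong>Error encountered</strong></p>");
        out.println(
            "<p>Please let the webmaster know you encountered an error at: EncounterSearchExportGeneGISFormat servlet</p></body></html>");
        out.println(ServletUtilities.getFooter());
        out.close();
    } finally {
        myShepherd.rollbackDBTransaction();
        myShepherd.closeDBTransaction();
    }
}

/**
 * Writes the CSV header and one row per encounter matching {@code request} to {@code outp}.
 * The number of locus column pairs comes from the {@code numLoci} property, defaulting to 2.
 */
private void writeGeneGisCsv(Writer outp, Shepherd myShepherd, HttpServletRequest request)
        throws Exception {
    EncounterQueryResult queryResult = EncounterQueryProcessor.processQuery(
        myShepherd, request, "year descending, month descending, day descending");
    List<?> rEncounters = queryResult.getResult();
    int numMatchingEncounters = rEncounters.size();

    // build the CSV file header
    int numLoci = 2; // most covered species will be loci
    try {
        numLoci = Integer.parseInt(CommonConfiguration.getProperty("numLoci"));
    } catch (Exception e) {
        System.out.println("numPloids configuration value did not resolve to an integer.");
        e.printStackTrace();
    }
    StringBuilder locusString = new StringBuilder();
    for (int j = 0; j < numLoci; j++) {
        locusString.append(",Locus").append(j + 1).append(" A1,Locus").append(j + 1).append(" A2");
    }
    outp.write(
        "Individual ID,Other ID 1,Date,Time,Latitude,Longitude,Area,Sub Area,Sex,Haplotype"
            + locusString + "\n");

    for (int i = 0; i < numMatchingEncounters; i++) {
        Encounter enc = (Encounter) rEncounters.get(i);
        outp.write(encounterRow(enc) + "\n");
    }
}

/** Builds one CSV row for {@code enc}; values that are absent leave their column empty. */
private String encounterRow(Encounter enc) {
    StringBuilder row = new StringBuilder();
    if (enc.getIndividualID() != null) {
        row.append(enc.getIndividualID());
    }
    row.append(',');
    if (enc.getAlternateID() != null) {
        row.append(enc.getAlternateID());
    }
    // date as year[-month[-day]], only as far as the parts are known
    row.append(',');
    if (enc.getYear() > 0) {
        row.append(enc.getYear());
        if (enc.getMonth() > 0) {
            row.append('-').append(enc.getMonth());
            if (enc.getDay() > 0) {
                row.append('-').append(enc.getDay());
            }
        }
    }
    row.append(',');
    if (enc.getHour() > -1) {
        row.append(enc.getHour()).append(':').append(enc.getMinutes());
    }
    if ((enc.getDecimalLatitude() != null) && (enc.getDecimalLongitude() != null)) {
        row.append(',').append(enc.getDecimalLatitude());
        row.append(',').append(enc.getDecimalLongitude());
    } else {
        row.append(",,");
    }
    row.append(',').append(enc.getVerbatimLocality());
    row.append(',').append(enc.getLocationID());
    row.append(',').append(enc.getSex());
    // find and print the haplotype
    row.append(',');
    if (enc.getHaplotype() != null) {
        row.append(enc.getHaplotype());
    }
    // find and print the ms markers
    row.append(microsatelliteColumns(enc));
    return row.toString();
}

/**
 * The {@code ,A1,A2} column pairs of every locus from the first tissue sample that carries a
 * {@code MicrosatelliteMarkers} analysis (all such analyses of that sample are included);
 * empty when no sample has one.
 */
private String microsatelliteColumns(Encounter enc) {
    StringBuilder cols = new StringBuilder();
    List<TissueSample> samples = enc.getTissueSamples();
    int numSamples = samples.size();
    boolean foundMsMarkers = false;
    for (int k = 0; k < numSamples && !foundMsMarkers; k++) {
        TissueSample t = samples.get(k);
        List<GeneticAnalysis> analyses = t.getGeneticAnalyses();
        int aSize = analyses.size();
        for (int l = 0; l < aSize; l++) {
            GeneticAnalysis ga = analyses.get(l);
            if (!ga.getAnalysisType().equals("MicrosatelliteMarkers")) {
                continue;
            }
            foundMsMarkers = true;
            MicrosatelliteMarkersAnalysis ga2 = (MicrosatelliteMarkersAnalysis) ga;
            List<Locus> loci = ga2.getLoci();
            int localLoci = loci.size();
            for (int m = 0; m < localLoci; m++) {
                Locus locus = loci.get(m);
                cols.append(',');
                if (locus.getAllele0() != null) {
                    cols.append(locus.getAllele0());
                }
                cols.append(',');
                if (locus.getAllele1() != null) {
                    cols.append(locus.getAllele1());
                }
            }
        }
    }
    return cols.toString();
}

/** Streams {@code file} to the response as a CSV attachment named {@code downloadName}. */
private void streamCsv(File file, String downloadName, HttpServletResponse response)
        throws IOException {
    response.setContentType("text/csv");
    response.setHeader("Content-Disposition", "attachment;filename=" + downloadName);
    InputStream is = new FileInputStream(file);
    try {
        OutputStream os = response.getOutputStream();
        byte[] bytes = new byte[BYTES_DOWNLOAD];
        int read;
        while ((read = is.read(bytes)) != -1) {
            os.write(bytes, 0, read);
        }
        os.flush();
        os.close();
    } finally {
        is.close(); // previously leaked whenever the copy failed
    }
}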