Function bodies 3,594 total
getHeaders method · java · L677-L679 (3 LOC)data/dim2b/scenarios/vul4j-10-cwe20/vulnerable/DiskFileItem.java
public FileItemHeaders getHeaders() {
return headers;
}setHeaders method · java · L685-L687 (3 LOC)data/dim2b/scenarios/vul4j-10-cwe20/vulnerable/DiskFileItem.java
public void setHeaders(FileItemHeaders pHeaders) {
headers = pHeaders;
}isMultipartContent method · java · L76-L85 (10 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public static final boolean isMultipartContent(RequestContext ctx) {
String contentType = ctx.getContentType();
if (contentType == null) {
return false;
}
if (contentType.toLowerCase(Locale.ENGLISH).startsWith(MULTIPART)) {
return true;
}
return false;
}isMultipartContent method · java · L99-L101 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public static boolean isMultipartContent(HttpServletRequest req) {
return ServletFileUpload.isMultipartContent(req);
}getSizeMax method · java · L205-L207 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public long getSizeMax() {
return sizeMax;
}setSizeMax method · java · L219-L221 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public void setSizeMax(long sizeMax) {
this.sizeMax = sizeMax;
}getFileSizeMax method · java · L230-L232 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public long getFileSizeMax() {
return fileSizeMax;
}Want fix-PRs on findings? Install Repobility's GitHub App · github.com/apps/repobility-bot
setFileSizeMax method · java · L241-L243 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public void setFileSizeMax(long fileSizeMax) {
this.fileSizeMax = fileSizeMax;
}getHeaderEncoding method · java · L253-L255 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public String getHeaderEncoding() {
return headerEncoding;
}setHeaderEncoding method · java · L265-L267 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public void setHeaderEncoding(String encoding) {
headerEncoding = encoding;
}parseRequest method · java · L286-L289 (4 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public List<FileItem> parseRequest(HttpServletRequest req)
throws FileUploadException {
return parseRequest(new ServletRequestContext(req));
}getItemIterator method · java · L307-L315 (9 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public FileItemIterator getItemIterator(RequestContext ctx)
throws FileUploadException, IOException {
try {
return new FileItemIteratorImpl(ctx);
} catch (FileUploadIOException e) {
// unwrap encapsulated SizeException
throw (FileUploadException) e.getCause();
}
}parseRequest method · java · L329-L374 (46 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public List<FileItem> parseRequest(RequestContext ctx)
throws FileUploadException {
List<FileItem> items = new ArrayList<FileItem>();
boolean successful = false;
try {
FileItemIterator iter = getItemIterator(ctx);
FileItemFactory fac = getFileItemFactory();
if (fac == null) {
throw new NullPointerException("No FileItemFactory has been set.");
}
while (iter.hasNext()) {
final FileItemStream item = iter.next();
// Don't use getName() here to prevent an InvalidFileNameException.
final String fileName = ((FileItemIteratorImpl.FileItemStreamImpl) item).name;
FileItem fileItem = fac.createItem(item.getFieldName(), item.getContentType(),
item.isFormField(), fileName);
items.add(fileItem);
try {
Streams.copy(item.opparseParameterMap method · java · L389-L407 (19 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public Map<String, List<FileItem>> parseParameterMap(RequestContext ctx)
throws FileUploadException {
final List<FileItem> items = parseRequest(ctx);
final Map<String, List<FileItem>> itemsMap = new HashMap<String, List<FileItem>>(items.size());
for (FileItem fileItem : items) {
String fieldName = fileItem.getFieldName();
List<FileItem> mappedItems = itemsMap.get(fieldName);
if (mappedItems == null) {
mappedItems = new ArrayList<FileItem>();
itemsMap.put(fieldName, mappedItems);
}
mappedItems.add(fileItem);
}
return itemsMap;
}getBoundary method · java · L419-L436 (18 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected byte[] getBoundary(String contentType) {
ParameterParser parser = new ParameterParser();
parser.setLowerCaseNames(true);
// Parameter parser can handle null input
Map<String, String> params = parser.parse(contentType, new char[] {';', ','});
String boundaryStr = params.get("boundary");
if (boundaryStr == null) {
return null;
}
byte[] boundary;
try {
boundary = boundaryStr.getBytes("ISO-8859-1");
} catch (UnsupportedEncodingException e) {
boundary = boundaryStr.getBytes(); // Intentionally falls back to default charset
}
return boundary;
}About: code-quality intelligence by Repobility · https://repobility.com
getFileName method · java · L448-L450 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected String getFileName(Map<String, String> headers) {
return getFileName(getHeader(headers, CONTENT_DISPOSITION));
}getFileName method · java · L460-L462 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected String getFileName(FileItemHeaders headers) {
return getFileName(headers.getHeader(CONTENT_DISPOSITION));
}getFileName method · java · L469-L492 (24 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
private String getFileName(String pContentDisposition) {
String fileName = null;
if (pContentDisposition != null) {
String cdl = pContentDisposition.toLowerCase(Locale.ENGLISH);
if (cdl.startsWith(FORM_DATA) || cdl.startsWith(ATTACHMENT)) {
ParameterParser parser = new ParameterParser();
parser.setLowerCaseNames(true);
// Parameter parser can handle null input
Map<String, String> params = parser.parse(pContentDisposition, ';');
if (params.containsKey("filename")) {
fileName = params.get("filename");
if (fileName != null) {
fileName = fileName.trim();
} else {
// Even if there is no value, the parameter is present,
// so we return an empty file name rather than no file
// name.
fileName =getFieldName method · java · L502-L504 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected String getFieldName(FileItemHeaders headers) {
return getFieldName(headers.getHeader(CONTENT_DISPOSITION));
}getFieldName method · java · L512-L526 (15 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
private String getFieldName(String pContentDisposition) {
String fieldName = null;
if (pContentDisposition != null
&& pContentDisposition.toLowerCase(Locale.ENGLISH).startsWith(FORM_DATA)) {
ParameterParser parser = new ParameterParser();
parser.setLowerCaseNames(true);
// Parameter parser can handle null input
Map<String, String> params = parser.parse(pContentDisposition, ';');
fieldName = params.get("name");
if (fieldName != null) {
fieldName = fieldName.trim();
}
}
return fieldName;
}getFieldName method · java · L538-L540 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected String getFieldName(Map<String, String> headers) {
return getFieldName(getHeader(headers, CONTENT_DISPOSITION));
}createItem method · java · L557-L564 (8 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected FileItem createItem(Map<String, String> headers,
boolean isFormField)
throws FileUploadException {
return getFileItemFactory().createItem(getFieldName(headers),
getHeader(headers, CONTENT_TYPE),
isFormField,
getFileName(headers));
}getParsedHeaders method · java · L578-L609 (32 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected FileItemHeaders getParsedHeaders(String headerPart) {
final int len = headerPart.length();
FileItemHeadersImpl headers = newFileItemHeaders();
int start = 0;
for (;;) {
int end = parseEndOfLine(headerPart, start);
if (start == end) {
break;
}
StringBuilder header = new StringBuilder(headerPart.substring(start, end));
start = end + 2;
while (start < len) {
int nonWs = start;
while (nonWs < len) {
char c = headerPart.charAt(nonWs);
if (c != ' ' && c != '\t') {
break;
}
++nonWs;
}
if (nonWs == start) {
break;
}
// Continuation line found
end = parseEndOfLine(headerPart, nonWs);
header.append(" ").append(headRepobility's GitHub App fixes findings like these · https://github.com/apps/repobility-bot
newFileItemHeaders method · java · L615-L617 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected FileItemHeadersImpl newFileItemHeaders() {
return new FileItemHeadersImpl();
}parseHeaders method · java · L633-L646 (14 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected Map<String, String> parseHeaders(String headerPart) {
FileItemHeaders headers = getParsedHeaders(headerPart);
Map<String, String> result = new HashMap<String, String>();
for (Iterator<String> iter = headers.getHeaderNames(); iter.hasNext();) {
String headerName = iter.next();
Iterator<String> iter2 = headers.getHeaders(headerName);
StringBuilder headerValue = new StringBuilder(iter2.next());
while (iter2.hasNext()) {
headerValue.append(",").append(iter2.next());
}
result.put(headerName, headerValue.toString());
}
return result;
}parseEndOfLine method · java · L656-L669 (14 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
private int parseEndOfLine(String headerPart, int end) {
int index = end;
for (;;) {
int offset = headerPart.indexOf('\r', index);
if (offset == -1 || offset + 1 >= headerPart.length()) {
throw new IllegalStateException(
"Expected headers to be terminated by an empty line.");
}
if (headerPart.charAt(offset + 1) == '\n') {
return offset;
}
index = offset + 1;
}
}parseHeaderLine method · java · L676-L686 (11 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
private void parseHeaderLine(FileItemHeadersImpl headers, String header) {
final int colonOffset = header.indexOf(':');
if (colonOffset == -1) {
// This header line is malformed, skip it.
return;
}
String headerName = header.substring(0, colonOffset).trim();
String headerValue =
header.substring(header.indexOf(':') + 1).trim();
headers.addHeader(headerName, headerValue);
}getHeader method · java · L700-L703 (4 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected final String getHeader(Map<String, String> headers,
String name) {
return headers.get(name.toLowerCase(Locale.ENGLISH));
}FileItemStreamImpl class · java · L714-L887 (174 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
class FileItemStreamImpl implements FileItemStream {
/**
* The file items content type.
*/
private final String contentType;
/**
* The file items field name.
*/
private final String fieldName;
/**
* The file items file name.
*/
private final String name;
/**
* Whether the file item is a form field.
*/
private final boolean formField;
/**
* The file items input stream.
*/
private final InputStream stream;
/**
* Whether the file item was already opened.
*/
private boolean opened;
/**
* The headers, if any.
*/
private FileItemHeaders headers;
/**
* Creates a new instance.
*
* @paFileItemStreamImpl method · java · L761-L799 (39 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
FileItemStreamImpl(String pName, String pFieldName,
String pContentType, boolean pFormField,
long pContentLength) throws IOException {
name = pName;
fieldName = pFieldName;
contentType = pContentType;
formField = pFormField;
final ItemInputStream itemStream = multi.newInputStream();
InputStream istream = itemStream;
if (fileSizeMax != -1) {
if (pContentLength != -1
&& pContentLength > fileSizeMax) {
FileSizeLimitExceededException e =
new FileSizeLimitExceededException(
format("The field %s exceeds its maximum permitted size of %s bytes.",
fieldName, Long.valueOf(fileSizeMax)),
pContentLength, fileSizeMax);
raiseError method · java · L784-L795 (12 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected void raiseError(long pSizeMax, long pCount)
throws IOException {
itemStream.close(true);
FileSizeLimitExceededException e =
new FileSizeLimitExceededException(
format("The field %s exceeds its maximum permitted size of %s bytes.",
fieldName, Long.valueOf(pSizeMax)),
pCount, pSizeMax);
e.setFieldName(fieldName);
e.setFileName(name);
throw new FileUploadIOException(e);
}Repobility — the code-quality scanner for AI-generated software · https://repobility.com
getContentType method · java · L806-L808 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public String getContentType() {
return contentType;
}getFieldName method · java · L815-L817 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public String getFieldName() {
return fieldName;
}getName method · java · L828-L830 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public String getName() {
return Streams.checkFileName(name);
}isFormField method · java · L838-L840 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public boolean isFormField() {
return formField;
}openStream method · java · L849-L858 (10 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public InputStream openStream() throws IOException {
if (opened) {
throw new IllegalStateException(
"The stream was already opened.");
}
if (((Closeable) stream).isClosed()) {
throw new FileItemStream.ItemSkippedException();
}
return stream;
}close method · java · L865-L867 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
void close() throws IOException {
stream.close();
}getHeaders method · java · L874-L876 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public FileItemHeaders getHeaders() {
return headers;
}setHeaders method · java · L883-L885 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public void setHeaders(FileItemHeaders pHeaders) {
headers = pHeaders;
}Want fix-PRs on findings? Install Repobility's GitHub App · github.com/apps/repobility-bot
FileItemIteratorImpl method · java · L938-L1004 (67 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
FileItemIteratorImpl(RequestContext ctx)
throws FileUploadException, IOException {
if (ctx == null) {
throw new NullPointerException("ctx parameter");
}
String contentType = ctx.getContentType();
if ((null == contentType)
|| (!contentType.toLowerCase(Locale.ENGLISH).startsWith(MULTIPART))) {
throw new InvalidContentTypeException(
format("the request doesn't contain a %s or %s stream, content type header is %s",
MULTIPART_FORM_DATA, MULTIPART_FORM_DATA, contentType));
}
InputStream input = ctx.getInputStream();
@SuppressWarnings("deprecation") // still has to be backward compatible
final int contentLengthInt = ctx.getContentLength();
final long requestSize = UploadContext.class.isAssignableFrom(ctx.getClass())
/raiseError method · java · L972-L979 (8 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
protected void raiseError(long pSizeMax, long pCount)
throws IOException {
FileUploadException ex = new SizeLimitExceededException(
format("the request was rejected because its size (%s) exceeds the configured maximum (%s)",
Long.valueOf(pCount), Long.valueOf(pSizeMax)),
pCount, pSizeMax);
throw new FileUploadIOException(ex);
}findNextItem method · java · L1012-L1078 (67 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
private boolean findNextItem() throws IOException {
if (eof) {
return false;
}
if (currentItem != null) {
currentItem.close();
currentItem = null;
}
for (;;) {
boolean nextPart;
if (skipPreamble) {
nextPart = multi.skipPreamble();
} else {
nextPart = multi.readBoundary();
}
if (!nextPart) {
if (currentFieldName == null) {
// Outer multipart terminated -> No more data
eof = true;
return false;
}
// Inner multipart terminated -> Return to parsing the outer
multi.setBoundary(boundary);
currentFieldName = null;
continue;
}
FileItemHeadersgetContentLength method · java · L1080-L1086 (7 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
private long getContentLength(FileItemHeaders pHeaders) {
try {
return Long.parseLong(pHeaders.getHeader(CONTENT_LENGTH));
} catch (Exception e) {
return -1;
}
}hasNext method · java · L1098-L1111 (14 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public boolean hasNext() throws FileUploadException, IOException {
if (eof) {
return false;
}
if (itemValid) {
return true;
}
try {
return findNextItem();
} catch (FileUploadIOException e) {
// unwrap encapsulated SizeException
throw (FileUploadException) e.getCause();
}
}next method · java · L1124-L1130 (7 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public FileItemStream next() throws FileUploadException, IOException {
if (eof || (!itemValid && !hasNext())) {
throw new NoSuchElementException();
}
itemValid = false;
return currentItem;
}FileUploadIOException class · java · L1138-L1173 (36 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public static class FileUploadIOException extends IOException {
/**
* The exceptions UID, for serializing an instance.
*/
private static final long serialVersionUID = -7047616958165584154L;
/**
* The exceptions cause; we overwrite the parent
* classes field, which is available since Java
* 1.4 only.
*/
private final FileUploadException cause;
/**
* Creates a <code>FileUploadIOException</code> with the
* given cause.
*
* @param pCause The exceptions cause, if any, or null.
*/
public FileUploadIOException(FileUploadException pCause) {
// We're not doing super(pCause) cause of 1.3 compatibility.
cause = pCause;
}
/**
* Returns the exceptions cause.
*
* @return The exceptions cause, if any, or null.
*/
@Override
public Throwable getCause() {
FileUploadIOException method · java · L1158-L1161 (4 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public FileUploadIOException(FileUploadException pCause) {
// We're not doing super(pCause) cause of 1.3 compatibility.
cause = pCause;
}About: code-quality intelligence by Repobility · https://repobility.com
getCause method · java · L1169-L1171 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public Throwable getCause() {
return cause;
}InvalidContentTypeException class · java · L1178-L1207 (30 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public static class InvalidContentTypeException
extends FileUploadException {
/**
* The exceptions UID, for serializing an instance.
*/
private static final long serialVersionUID = -9073026332015646668L;
/**
* Constructs a <code>InvalidContentTypeException</code> with no
* detail message.
*/
public InvalidContentTypeException() {
super();
}
/**
* Constructs an <code>InvalidContentTypeException</code> with
* the specified detail message.
*
* @param message The detail message.
*/
public InvalidContentTypeException(String message) {
super(message);
}
public InvalidContentTypeException(String msg, Throwable cause) {
super(msg, cause);
}
}InvalidContentTypeException method · java · L1190-L1192 (3 LOC)data/dim2b/scenarios/vul4j-11-cwe264/fixed/FileUploadBase.java
public InvalidContentTypeException() {
super();
}