diff --git a/pom.xml b/pom.xml
index f53fe56..0e5d0ae 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
io.whitesource
curekit
- 1.0.1
+ 1.0.2
curekit
A repository containing code security remediation solutions used by WhiteSource Cure
@@ -108,10 +108,14 @@
org.apache.maven.plugins
maven-javadoc-plugin
+
+ ${java.home}/bin/javadoc
+
${maven.javadoc.version}
attach-javadocs
+ deploy
jar
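Review bot: The `deploy` value added under `attach-javadocs` looks like the execution's phase (the XML tags are not visible on this page), and the `sign-artifacts` hunk below moves the same way from `verify` to `deploy`. Within one phase Maven runs the goals bound by the packaging before the goals configured in the POM, so the default `deploy:deploy` would upload before the javadoc jar is attached and before the signatures exist, unless deployment is handled by a plugin that defers the upload. Keeping `sign` on `verify` and `attach-javadocs` on `package` makes sure nothing is published unsigned; if the aim is to skip signing on local builds, a release profile does that without reordering the lifecycle.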
@@ -125,7 +129,7 @@
sign-artifacts
- verify
+ deploy
sign
@@ -182,4 +186,17 @@
+
+
+
+ jdk-11-config
+
+ 11
+
+
+ ${java.home}/bin/javadoc
+
+
+
+
\ No newline at end of file
diff --git a/src/main/java/io/whitesource/cure/Encoder.java b/src/main/java/io/whitesource/cure/Encoder.java
index fecfb54..c61f570 100644
--- a/src/main/java/io/whitesource/cure/Encoder.java
+++ b/src/main/java/io/whitesource/cure/Encoder.java
@@ -2,7 +2,6 @@
import java.util.ArrayList;
import java.util.List;
-import lombok.NonNull;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.SystemUtils;
import org.owasp.encoder.Encode;
@@ -19,7 +18,10 @@ public class Encoder {
* @param param An argument or part of an argument for the operating systems command.
* @return Encoded parameter.
*/
- public static String forOsCommand(@NonNull final String param) {
+ public static String forOsCommand(final String param) {
+ if (param == null) {
+ return null;
+ }
return forOsCommand(param, new char[] {});
}
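Review bot: The new `return null` guard changes this sanitizer's contract from throwing to passing null through, while the Javadoc above still says only `@return Encoded parameter.`; the same applies to every other guard added in this file (the two-argument `forOsCommand`, both `forLogContent` overloads, `forCrlf` and the `...Xss` methods). A caller that concatenates the result into a command, log line or markup will now emit the text `null` instead of failing, so the contract should be written down: `@return Encoded parameter, or {@code null} if {@code param} is {@code null}.` The check in this one-argument overload is also redundant, since the two-argument overload it delegates to performs the same test.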
@@ -31,7 +33,10 @@ public static String forOsCommand(@NonNull final String param) {
* @param charsToIgnore Array of characters to not encode.
* @return Encoded parameter.
*/
- public static String forOsCommand(@NonNull final String param, char[] charsToIgnore) {
+ public static String forOsCommand(final String param, char[] charsToIgnore) {
+ if (param == null) {
+ return null;
+ }
StringBuilder sb = new StringBuilder();
for (char c : param.toCharArray()) {
sb.append(encodeCharacterForOsCommand(c, charsToIgnore));
@@ -45,8 +50,10 @@ public static String forOsCommand(@NonNull final String param, char[] charsToIgn
* @param contents arrays {@link Object} contains all the contents.
* @return encoded log content.
*/
- public static String[] forLogContent(@NonNull final Object[] contents) {
-
+ public static String[] forLogContent(final Object[] contents) {
+ if (contents == null) {
+ return null;
+ }
List results = new ArrayList<>();
for (Object content : contents) {
@@ -61,12 +68,15 @@ public static String[] forLogContent(@NonNull final Object[] contents) {
* @param content {@link Object} contains the content.
* @return encoded log content.
*/
- public static String forLogContent(@NonNull final Object content) {
+ public static String forLogContent(final Object content) {
+ if (content == null) {
+ return null;
+ }
return content
- .toString()
- .replaceAll("[\n|\r|\t]", "_")
- .replaceAll("<", "<")
- .replaceAll(">", ">");
+ .toString()
+ .replaceAll("[\n|\r|\t]", "_")
+ .replaceAll("<", "<")
+ .replaceAll(">", ">");
}
/**
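Review bot: The character class in `.replaceAll("[\n|\r|\t]", "_")` treats `|` as a literal, so every pipe in the log content is rewritten to `_` along with the line breaks and tabs; `"[\n\r\t]"` limits the match to the three control characters. As rendered on this page the next two calls replace `<` and `>` with themselves, which is probably an entity lost in rendering, but it is worth confirming in the file that they really emit the escaped forms. The re-indentation here does not touch either pattern, so both carry over unchanged from the previous version.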
@@ -75,11 +85,14 @@ public static String forLogContent(@NonNull final Object content) {
* @param content contains the content to be sanitized.
* @return encoded Html content.
*/
- public static String forCrlf(@NonNull final String content) {
+ public static String forCrlf(final String content) {
+ if (content == null) {
+ return null;
+ }
return StringUtils.replaceEach(
- content.toString(),
- new String[] {"\n", "\\n", "\r", "\\r", "%0d", "%0D", "%0a", "%0A", "\025"},
- new String[] {"", "", "", "", "", "", "", "", ""});
+ content.toString(),
+ new String[] {"\n", "\\n", "\r", "\\r", "%0d", "%0D", "%0a", "%0A", "\025"},
+ new String[] {"", "", "", "", "", "", "", "", ""});
}
/**
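Review bot: `StringUtils.replaceEach` makes a single pass over `content`, so deleting one token can leave one of the listed sequences assembled from the characters on either side of it, and the returned string is then not guaranteed to be free of what this method strips. Repeating the replacement until the string stops changing closes that gap; each changing pass shortens the string, so the loop terminates. Separately, `content.toString()` is redundant on a `String`, and the `@return encoded Html content.` line above does not describe a CR/LF filter.

```java
public static String forCrlf(final String content) {
  // … unchanged: null guard …
  final String[] search = {"\n", "\\n", "\r", "\\r", "%0d", "%0D", "%0a", "%0A", "\025"};
  final String[] empty = {"", "", "", "", "", "", "", "", ""};
  String current = content;
  String previous;
  do {
    previous = current;
    // One pass can expose a new match, so repeat until the text is stable.
    current = StringUtils.replaceEach(current, search, empty);
  } while (!current.equals(previous));
  return current;
}
```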
@@ -88,8 +101,10 @@ public static String forCrlf(@NonNull final String content) {
* @param content {@link Object} contains the content.
* @return encoded JavaScript block.
*/
- public static String forJavaScriptBlockXss(@NonNull final Object content) {
-
+ public static String forJavaScriptBlockXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forJavaScriptBlock(formatToString(content));
}
@@ -100,8 +115,10 @@ public static String forJavaScriptBlockXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded Html content.
*/
- public static String forHtmlContentXss(@NonNull final Object content) {
-
+ public static String forHtmlContentXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forHtmlContent(formatToString(content));
}
@@ -111,8 +128,10 @@ public static String forHtmlContentXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded Html Attribute.
*/
- public static String forHtmlAttributeXss(@NonNull final Object content) {
-
+ public static String forHtmlAttributeXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forHtmlAttribute(formatToString(content));
}
@@ -129,8 +148,10 @@ public static String forHtmlAttributeXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded JavaScript string.
*/
- public static String forJavaScriptXss(@NonNull final Object content) {
-
+ public static String forJavaScriptXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forJavaScript(formatToString(content));
}
@@ -141,8 +162,10 @@ public static String forJavaScriptXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded CSS String.
*/
- public static String forCssStringXss(@NonNull final Object content) {
-
+ public static String forCssStringXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forCssString(formatToString(content));
}
@@ -154,8 +177,10 @@ public static String forCssStringXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded Uri component.
*/
- public static String forUriComponentXss(@NonNull final Object content) {
-
+ public static String forUriComponentXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forUriComponent(formatToString(content));
}
@@ -168,8 +193,10 @@ public static String forUriComponentXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded CSS url.
*/
- public static String forCssUrlXss(@NonNull final Object content) {
-
+ public static String forCssUrlXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forCssUrl(formatToString(content));
}
@@ -186,8 +213,10 @@ public static String forCssUrlXss(@NonNull final Object content) {
* @param content {@link Object} contains the content.
* @return encoded Html unquoted Attribute.
*/
- public static String forHtmlUnquotedAttributeXss(@NonNull final Object content) {
-
+ public static String forHtmlUnquotedAttributeXss(final Object content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forHtmlUnquotedAttribute(formatToString(content));
}
@@ -200,8 +229,10 @@ public static String forHtmlUnquotedAttributeXss(@NonNull final Object content)
* @param content {@link Object} contains the content.
* @return encoded JavaScript attribute.
*/
- public static String forJavaScriptAttributeXss(@NonNull final String content) {
-
+ public static String forJavaScriptAttributeXss(final String content) {
+ if (content == null) {
+ return null;
+ }
return Encode.forJavaScriptAttribute(content);
}
@@ -221,8 +252,8 @@ private static String encodeCharacterForOsCommand(char charToEncode, char[] char
private static boolean isAlphaNumeric(char charToEncode) {
return !((charToEncode < '0' || charToEncode > '9')
- && (charToEncode < 'A' || charToEncode > 'Z')
- && (charToEncode < 'a' || charToEncode > 'z'));
+ && (charToEncode < 'A' || charToEncode > 'Z')
+ && (charToEncode < 'a' || charToEncode > 'z'));
}
private static String formatToString(Object content) {
diff --git a/src/main/java/io/whitesource/cure/FileUtils.java b/src/main/java/io/whitesource/cure/FileUtils.java
index 7086af1..8177156 100644
--- a/src/main/java/io/whitesource/cure/FileUtils.java
+++ b/src/main/java/io/whitesource/cure/FileUtils.java
@@ -19,7 +19,7 @@ public class FileUtils {
* @return True - if the file is outside the base dir, False - otherwise.
*/
public static boolean isFileOutsideDir(
- @NonNull final String filePath, @NonNull final String baseDirPath) throws IOException {
+ @NonNull final String filePath, @NonNull final String baseDirPath) throws IOException {
File file = new File(filePath);
File baseDir = new File(baseDirPath);
return !file.getCanonicalPath().startsWith(baseDir.getCanonicalPath());
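Review bot: The containment test `file.getCanonicalPath().startsWith(baseDir.getCanonicalPath())` compares canonical paths as strings, so a sibling whose name merely begins with the base directory's name (constructed example: base `/data/app`, file under `/data/app-old`) is reported as inside the base directory. Comparing by path element avoids that: `return !file.getCanonicalFile().toPath().startsWith(baseDir.getCanonicalFile().toPath());`. This hunk itself only re-indents the signature; the check sits in its context lines, and the method's Javadoc starts above the hunk.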
@@ -31,7 +31,10 @@ public static boolean isFileOutsideDir(
* @param filePath The file path.
* @return Normalized path.
*/
- public static String normalize(@NonNull final String filePath) {
+ public static String normalize(final String filePath) {
+ if (filePath == null) {
+ return null;
+ }
return FilenameUtils.normalize(filePath);
}
}
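Review bot: After this change `normalize` returns null for a null argument, and, assuming `FilenameUtils` here is the Commons IO class, its `normalize` already returns null when it rejects a path, for instance one that climbs above its root. Callers therefore cannot tell the two cases apart and must treat any null result as "do not use this path"; the Javadoc should say so, e.g. `@return Normalized path, or {@code null} if {@code filePath} is null or cannot be normalized.` The added guard is also redundant under the same assumption, because `FilenameUtils.normalize(null)` returns null itself and the earlier exception came from the Lombok annotation.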
diff --git a/src/test/java/io/whitesource/cure/EncoderTest.java b/src/test/java/io/whitesource/cure/EncoderTest.java
index f317709..9ae7302 100644
--- a/src/test/java/io/whitesource/cure/EncoderTest.java
+++ b/src/test/java/io/whitesource/cure/EncoderTest.java
@@ -25,7 +25,7 @@ void forOsCommand_operatingSystem_successfullyWithResult() {
@Test
void forOsCommand_null_successfully() {
- Assertions.assertThrows(NullPointerException.class, () -> forOsCommand(null));
+ Assertions.assertNull(forOsCommand(null));
}
@Test
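Review bot: Only `forOsCommand(String)`, `forCrlf` and `forLogContent` get a null assertion in this file's hunks, while the commit adds the same guard to the two-argument `forOsCommand` and to each `...Xss` encoder; from what is visible those paths have no null test. `forLogContent(null)` also resolves to the `Object[]` overload, so the single-object overload's guard stays untested; `Assertions.assertNull(forLogContent((Object) null));` would cover it. The `_null_successfully` names do not state the expectation either; `forOsCommand_null_returnsNull` would.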
@@ -39,7 +39,7 @@ void forCrlf_htmlContent_successfullyWithResult() {
@Test
void forCrlf_null_successfully() {
- Assertions.assertThrows(NullPointerException.class, () -> forCrlf(null));
+ Assertions.assertNull(forCrlf(null));
}
@Test
@@ -77,7 +77,7 @@ void forLogContent_fullEncodingCapabilities_successfullyWithResult() {
@Test
void forLogContent_null_successfully() {
- Assertions.assertThrows(NullPointerException.class, () -> forLogContent(null));
+ Assertions.assertNull(forLogContent(null));
}
@Test
diff --git a/src/test/java/io/whitesource/cure/FileUtilsTest.java b/src/test/java/io/whitesource/cure/FileUtilsTest.java
index bcc1e9e..214bca6 100644
--- a/src/test/java/io/whitesource/cure/FileUtilsTest.java
+++ b/src/test/java/io/whitesource/cure/FileUtilsTest.java
@@ -30,15 +30,15 @@ void isFileInDir_inside_successfullyWithResult() throws IOException {
@Test
void isFileInDir_null_successfully() {
Assertions.assertThrows(
- NullPointerException.class, () -> FileUtils.isFileOutsideDir(null, null));
+ NullPointerException.class, () -> FileUtils.isFileOutsideDir(null, null));
Assertions.assertThrows(
- NullPointerException.class,
- () -> FileUtils.isFileOutsideDir("file-path-place-holder", null));
+ NullPointerException.class,
+ () -> FileUtils.isFileOutsideDir("file-path-place-holder", null));
Assertions.assertThrows(
- NullPointerException.class,
- () -> FileUtils.isFileOutsideDir(null, "base-dir-place-holder"));
+ NullPointerException.class,
+ () -> FileUtils.isFileOutsideDir(null, "base-dir-place-holder"));
}
@Test
@@ -52,6 +52,6 @@ void normalize_validInput_successfullyWithResult() throws IOException {
@Test
void normalize_null_successfully() {
- Assertions.assertThrows(NullPointerException.class, () -> FileUtils.normalize(null));
+ Assertions.assertNull(FileUtils.normalize(null));
}
}