Class SafeFileChecker

java.lang.Object
fr.gouv.vitam.common.security.SafeFileChecker

public class SafeFileChecker extends Object
Sanity checker for file manipulation, used to avoid path traversal vulnerabilities.
  • Field Details

  • Method Details

    • checkSafeFilePath

      public static File checkSafeFilePath(String safeRootPath, String... subPaths) throws IllegalPathException
      File path sanity checker. Checks authorized folder and filename patterns, detects path traversal attacks, and applies ESAPI sanity checks.
      Parameters:
      safeRootPath - first or initial part(s) of a path representing a FileSystem resource
      subPaths - sub path parts. Every part should be a single folder level, except last part which is the actual filename.
      Returns:
      the resolved File
      Throws:
      IllegalPathException - thrown when any check fails with UnChecked or Runtime exception
    • checkSafeDirPath

      public static File checkSafeDirPath(String safeRootPath, String... subPaths) throws IllegalPathException
      Directory path sanity checker. Checks authorized folder patterns, detects path traversal attacks, and applies ESAPI sanity checks.
      Parameters:
      safeRootPath - first or initial part(s) of a path representing a FileSystem resource
      subPaths - sub path parts. Every part should be a single folder level.
      Returns:
      the resolved directory File
      Throws:
      IllegalPathException - thrown when any check fails with UnChecked or Runtime exception
    • checkSafeRessourceFilePath

      public static void checkSafeRessourceFilePath(String resourceName) throws IllegalPathException
      Path sanity checker for class-path resources. Checks authorized filename patterns, detects path traversal attacks, and applies ESAPI sanity checks.
      Parameters:
      resourceName - the resource file name to check
      Throws:
      IllegalPathException - thrown when any check fails with UnChecked or Runtime exception
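
The kind of check checkSafeFilePath describes (per-segment allow-list, then containment under the root) can be sketched as follows. This is an added example, not Vitam's implementation: the class name SafePathSketch, the method resolveUnderRoot, the segment pattern and the use of IOException are assumptions, and the ESAPI checks are not reproduced.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Path;
import java.util.regex.Pattern;

public class SafePathSketch {
    // Assumed allow-list for one path segment (not Vitam's actual pattern).
    // The first character must be alphanumeric, so ".", ".." and hidden names fail.
    private static final Pattern SEGMENT =
            Pattern.compile("^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$");

    static File resolveUnderRoot(String safeRootPath, String... subPaths) throws IOException {
        // Canonicalize the root once so later comparisons use its real location.
        Path root = new File(safeRootPath).getCanonicalFile().toPath();
        Path candidate = root;
        for (String part : subPaths) {
            // Each part must be a single level: separators, NUL bytes and
            // empty strings are all outside the allow-list.
            if (part == null || !SEGMENT.matcher(part).matches()) {
                throw new IOException("Rejected path segment: " + part);
            }
            candidate = candidate.resolve(part);
        }
        // Canonicalizing resolves symlinks; startsWith compares whole path
        // components, so "/data/root-evil" is not accepted for root "/data/root".
        Path canonical = candidate.toFile().getCanonicalFile().toPath();
        if (!canonical.startsWith(root)) {
            throw new IOException("Path escapes root: " + canonical);
        }
        return canonical.toFile();
    }

    public static void main(String[] args) {
        String root = System.getProperty("java.io.tmpdir");
        // Constructed inputs: one legitimate path and three that must be denied.
        String[][] cases = {
            {"reports", "2024", "summary.pdf"},
            {"reports", "..", "..", "etc", "passwd"},
            {"reports/../../etc", "passwd"},
            {"reports", "a\u0000.txt"}
        };
        for (String[] c : cases) {
            try {
                System.out.println("OK   " + resolveUnderRoot(root, c));
            } catch (IOException e) {
                System.out.println("DENY " + e.getMessage());
            }
        }
    }
}
```

The final containment check is what catches a symlink inside the root that points outside it, which segment validation alone cannot detect.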