Class SafeFileChecker


  • public class SafeFileChecker
    extends java.lang.Object
    Sanity checker for file path manipulation, used to avoid path traversal vulnerabilities.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String LOCAL_ENVIRONMENT  
    • Method Summary

      Modifier and Type Method Description
      static java.io.File checkSafeDirPath(java.lang.String safeRootPath, java.lang.String... subPaths)
      Directory path sanity checker.
      static java.io.File checkSafeFilePath(java.lang.String safeRootPath, java.lang.String... subPaths)
      File path sanity checker.
      static void checkSafeRessourceFilePath(java.lang.String resourceName)
      Path sanity checker for class-path resources. Checks the authorized filename patterns, checks for path traversal attacks, and runs the ESAPI sanity checks.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • LOCAL_ENVIRONMENT

        public static final java.lang.String LOCAL_ENVIRONMENT
        See Also:
        Constant Field Values
    • Method Detail

      • checkSafeFilePath

        public static java.io.File checkSafeFilePath(java.lang.String safeRootPath,
                                                     java.lang.String... subPaths)
                                              throws IllegalPathException
        File path sanity checker. Checks the authorized folder and filename patterns, checks for path traversal attacks, and runs the ESAPI sanity checks.
        Parameters:
        safeRootPath - first or initial part(s) of a path representing a FileSystem resource
        subPaths - sub path parts. Every part should be a single folder level, except the last part, which is the actual filename.
        Returns:
        the resolved File
        Throws:
        IllegalPathException - thrown when any check fails with an unchecked or runtime exception
      • checkSafeDirPath

        public static java.io.File checkSafeDirPath(java.lang.String safeRootPath,
                                                    java.lang.String... subPaths)
                                             throws IllegalPathException
        Directory path sanity checker. Checks the authorized folder patterns, checks for path traversal attacks, and runs the ESAPI sanity checks.
        Parameters:
        safeRootPath - first or initial part(s) of a path representing a FileSystem resource
        subPaths - sub path parts. Every part should be a single folder level.
        Returns:
        the resolved directory File
        Throws:
        IllegalPathException - thrown when any check fails with an unchecked or runtime exception
      • checkSafeRessourceFilePath

        public static void checkSafeRessourceFilePath(java.lang.String resourceName)
                                               throws IllegalPathException
        Path sanity checker for class-path resources. Checks the authorized filename patterns, checks for path traversal attacks, and runs the ESAPI sanity checks.
        Parameters:
        resourceName - the resource file name to check
        Throws:
        IllegalPathException - thrown when any check fails with an unchecked or runtime exception
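
The checks that checkSafeFilePath is documented to perform (an authorized name pattern for each path level, then path traversal detection) can be sketched with the JDK alone. This is an added example, not the project's implementation: PathCheckSketch, resolveUnderRoot and the PART allow-list are hypothetical, IOException stands in for IllegalPathException, and the ESAPI checks are omitted.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Path;
import java.util.regex.Pattern;

// Added illustration; PathCheckSketch and PART are hypothetical, not SafeFileChecker's code.
public class PathCheckSketch {
    // Assumed allow-list for a single path level: no separators, no NUL, no leading dot
    // (so "." and ".." never match), at most 255 characters.
    private static final Pattern PART = Pattern.compile("[A-Za-z0-9_][A-Za-z0-9_.-]{0,254}");

    static File resolveUnderRoot(String safeRootPath, String... subPaths) throws IOException {
        // Canonicalise the root once so the containment check compares like with like.
        Path root = new File(safeRootPath).getCanonicalFile().toPath();
        File candidate = root.toFile();
        for (String part : subPaths) {
            // Each part must be exactly one level that matches the allow-list in full.
            if (part == null || !PART.matcher(part).matches()) {
                throw new IOException("Illegal path part: " + part);
            }
            candidate = new File(candidate, part);
        }
        // Canonicalise the result (resolves symlinks) and confirm it is still under the root.
        // Path.startsWith compares whole elements, so /data/root-evil is not under /data/root.
        File resolved = candidate.getCanonicalFile();
        if (!resolved.toPath().startsWith(root)) {
            throw new IOException("Path escapes root: " + resolved);
        }
        return resolved;
    }

    public static void main(String[] args) throws IOException {
        String root = System.getProperty("java.io.tmpdir"); // constructed sample root
        String[][] samples = {                               // constructed sample inputs
            {"reports", "2024", "summary.pdf"},
            {"reports", "..", "..", "etc", "passwd"},
            {"reports/../../etc", "passwd"},
            {"reports", "summary.pdf\u0000.png"},
        };
        for (String[] sample : samples) {
            try {
                System.out.println("OK      " + resolveUnderRoot(root, sample));
            } catch (IOException e) {
                System.out.println("REJECT  " + e.getMessage());
            }
        }
    }
}
```

Validating each part before joining, and then re-checking containment on the canonical result, covers both a malformed part and a symlink inside the root that points outside it.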