
Commit 64e0629

committed
HP Fortify false positives and fixes
1 parent 6902708 commit 64e0629


2 files changed

+19
-2
lines changed

2 files changed

+19
-2
lines changed

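--- a/core/ingest/src/main/java/mil/nga/giat/geowave/core/ingest/local/AbstractLocalFileDriver.java
+++ b/core/ingest/src/main/java/mil/nga/giat/geowave/core/ingest/local/AbstractLocalFileDriver.java
@@ -108,6 +108,9 @@ private static void setURLStreamHandlerFactory()
 IllegalAccessException {
 
 Field factoryField = URL.class.getDeclaredField("factory");
+// HP Fortify "Access Control" false positive
+// The need to change the accessibility here is
+// necessary, has been review and judged to be safe
 factoryField.setAccessible(true);
 
 URLStreamHandlerFactory urlStreamHandlerFactory = (URLStreamHandlerFactory) factoryField.get(null);
@@ -118,6 +121,9 @@ private static void setURLStreamHandlerFactory()
 }
 else {
 Field lockField = URL.class.getDeclaredField("streamHandlerLock");
+// HP Fortify "Access Control" false positive
+// The need to change the accessibility here is
+// necessary, has been review and judged to be safe
 lockField.setAccessible(true);
 synchronized (lockField.get(null)) {
 
@@ -150,6 +156,11 @@ protected void processInput(
 configFile,
 null);
 }
+
+if (configProperties == null) {
+LOGGER.error("Unable to load properties form " + configFile.getAbsolutePath());
+return;
+}
 
 // If input path is S3
 if (inputPath.startsWith("s3://")) {
@@ -175,6 +186,9 @@ protected void processInput(
 s3EndpointUrl = "s3://" + s3EndpointUrl;
 }
 FileSystem fs = FileSystems.newFileSystem(
+// HP Fortify "Path Traversal" false positive
+// What Fortify considers "user input" comes only
+// from users with OS-level access anyway
 new URI(
 s3EndpointUrl + "/"),
 new HashMap<String, Object>(),
@@ -215,6 +229,9 @@ else if (inputPath.startsWith("hdfs://")) {
 
 URI uri = new URI(
 hdfsFSUrl + hdfsInputPath);
+// HP Fortify "Path Traversal" false positive
+// What Fortify considers "user input" comes only
+// from users with OS-level access anyway
 path = Paths.get(uri);
 if (!Files.exists(path)) {
 LOGGER.error("Input path " + inputPath + " does not exist");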
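Review bot: The two "Path Traversal" suppression comments (before `new URI(s3EndpointUrl + "/")` and before `path = Paths.get(uri)`) rest on an assumption the code does not enforce, namely that `inputPath` and the endpoint values only ever come from an operator with OS-level access. `processInput` is protected, so if a subclass or service wrapper ever passes a remotely supplied path the suppression stops being valid without anyone noticing; I would record the condition in the comment, e.g. `// Fortify "Path Traversal" suppressed: inputPath and endpoint come from the local CLI/config only; re-review if this becomes reachable from a network-facing caller`. The "Access Control" comments in setURLStreamHandlerFactory have the same gap: they say the reflective `setAccessible(true)` was reviewed but not why it is safe. Separately, the new log message reads "properties form" where "from" is presumably meant. Both functions begin and end outside the visible hunks.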

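--- a/core/ingest/src/main/java/mil/nga/giat/geowave/core/ingest/s3/S3URLConnection.java
+++ b/core/ingest/src/main/java/mil/nga/giat/geowave/core/ingest/s3/S3URLConnection.java
@@ -62,13 +62,13 @@ private ClientConfiguration buildClientConfig() {
 null);
 final String protocol = System.getProperty(
 PROP_S3_HANDLER_PROTOCOL,
-"https").toLowerCase();
+"https");
 final String signerOverride = System.getProperty(
 PROP_S3_HANDLER_SIGNER_OVERRIDE,
 null);
 
 final ClientConfiguration clientConfig = new ClientConfiguration()
-.withProtocol("https".equals(protocol) ? Protocol.HTTPS : Protocol.HTTP);
+.withProtocol("https".equalsIgnoreCase(protocol) ? Protocol.HTTPS : Protocol.HTTP);
 
 if (userAgent != null) {
 clientConfig.setUserAgent(userAgent);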
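Review bot: In `.withProtocol("https".equalsIgnoreCase(protocol) ? Protocol.HTTPS : Protocol.HTTP)` every value other than "https" selects plaintext HTTP, so a typo or stray whitespace in the PROP_S3_HANDLER_PROTOCOL system property silently downgrades the S3 connection to cleartext. Failing toward TLS would be safer: `.withProtocol("http".equalsIgnoreCase(protocol.trim()) ? Protocol.HTTP : Protocol.HTTPS);`, ideally with a warning logged when the value is neither "http" nor "https". buildClientConfig continues past the end of the hunk.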
