Repository: stratos Updated Branches: refs/heads/master ceb79e8e9 -> 57236c583
Fixing Security - Array is stored directly sonar reported issue in cloud controller. Project: http://git-wip-us.apache.org/repos/asf/stratos/repo Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/57236c58 Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/57236c58 Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/57236c58 Branch: refs/heads/master Commit: 57236c583d237824c074a1e1ab76de26ceb7e590 Parents: ceb79e8 Author: Nirmal Fernando <[email protected]> Authored: Sat Sep 27 18:47:54 2014 +0530 Committer: Nirmal Fernando <[email protected]> Committed: Sat Sep 27 18:47:54 2014 +0530 ---------------------------------------------------------------------- .../stratos/cloud/controller/pojo/CartridgeConfig.java | 8 +++++--- .../apache/stratos/cloud/controller/pojo/CartridgeInfo.java | 8 +++++--- .../apache/stratos/cloud/controller/pojo/ClusterContext.java | 4 +++- .../org/apache/stratos/cloud/controller/pojo/IaasConfig.java | 4 +++- .../apache/stratos/cloud/controller/pojo/IaasProvider.java | 5 +++-- .../org/apache/stratos/cloud/controller/pojo/Properties.java | 4 +++- 6 files changed, 22 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/stratos/blob/57236c58/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeConfig.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeConfig.java b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeConfig.java index d9d59fc..670ef19 100644 --- a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeConfig.java +++ b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeConfig.java @@ -21,6 +21,8 @@ package org.apache.stratos.cloud.controller.pojo; import java.io.Serializable; +import org.apache.commons.lang3.ArrayUtils; + /** * This class is used as the pojo for supporting the service at CC, * which is called by the Rest API in SM to deploy a cartridge definition @@ -146,7 +148,7 @@ public class CartridgeConfig implements Serializable { } public void setDeploymentDirs(String[] deploymentDirs) { - this.deploymentDirs = deploymentDirs; + this.deploymentDirs = ArrayUtils.clone(deploymentDirs); } public PortMapping[] getPortMappings() { @@ -154,7 +156,7 @@ public class CartridgeConfig implements Serializable { } public void setPortMappings(PortMapping[] portMappings) { - this.portMappings = portMappings; + this.portMappings = ArrayUtils.clone(portMappings); } public Properties getProperties() { @@ -170,7 +172,7 @@ public class CartridgeConfig implements Serializable { } public void setIaasConfigs(IaasConfig[] iaasConfigs) { - this.iaasConfigs = iaasConfigs; + this.iaasConfigs = ArrayUtils.clone(iaasConfigs); } public String toString () { http://git-wip-us.apache.org/repos/asf/stratos/blob/57236c58/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeInfo.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeInfo.java b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeInfo.java index 163f6aa..58cb366 100644 --- a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeInfo.java +++ b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/CartridgeInfo.java @@ -21,6 +21,8 @@ package org.apache.stratos.cloud.controller.pojo; import java.util.ArrayList; import java.util.List; +import org.apache.commons.lang3.ArrayUtils; + /** * Holds useful information for externals, regarding a Cartridge. */ @@ -162,7 +164,7 @@ public class CartridgeInfo { } public void setPortMappings(PortMapping[] portMappings) { - this.portMappings = portMappings; + this.portMappings = ArrayUtils.clone(portMappings); } public AppType[] getAppTypes() { @@ -170,7 +172,7 @@ public class CartridgeInfo { } public void setAppTypes(AppType[] appTypes) { - this.appTypes = appTypes; + this.appTypes = ArrayUtils.clone(appTypes); } public Property[] getProperties() { @@ -178,7 +180,7 @@ public class CartridgeInfo { } public void setProperties(Property[] properties) { - this.properties = properties; + this.properties = ArrayUtils.clone(properties); } public String getDefaultAutoscalingPolicy() { http://git-wip-us.apache.org/repos/asf/stratos/blob/57236c58/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/ClusterContext.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/ClusterContext.java b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/ClusterContext.java index 14e86f0..cb48739 100644 --- a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/ClusterContext.java +++ b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/ClusterContext.java @@ -21,6 +21,8 @@ package org.apache.stratos.cloud.controller.pojo; import java.io.Serializable; import java.util.Properties; +import org.apache.commons.lang3.ArrayUtils; + /** * Holds runtime data of a Cluster. * @author nirmal @@ -109,7 +111,7 @@ public class ClusterContext implements Serializable{ } public void setVolumes(Volume[] volumes) { - this.volumes = volumes; + this.volumes = ArrayUtils.clone(volumes); } public Properties getProperties() { http://git-wip-us.apache.org/repos/asf/stratos/blob/57236c58/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasConfig.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasConfig.java b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasConfig.java index 94e9274..0937c81 100644 --- a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasConfig.java +++ b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasConfig.java @@ -21,6 +21,8 @@ package org.apache.stratos.cloud.controller.pojo; import java.io.Serializable; +import org.apache.commons.lang3.ArrayUtils; + /** * This class is used to support <link>CartridgeConfig</link> * class for the Rest API @@ -93,7 +95,7 @@ public class IaasConfig implements Serializable { } public void setPayload(byte[] payload) { - this.payload = payload; + this.payload = ArrayUtils.clone(payload); } public static long getSerialversionuid() { http://git-wip-us.apache.org/repos/asf/stratos/blob/57236c58/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasProvider.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasProvider.java b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasProvider.java index f6b9dc4..585ca79 100644 --- a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasProvider.java +++ b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/IaasProvider.java @@ -19,6 +19,7 @@ package org.apache.stratos.cloud.controller.pojo; import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.commons.lang3.ArrayUtils; import org.apache.stratos.cloud.controller.exception.InvalidIaasProviderException; import org.apache.stratos.cloud.controller.interfaces.Iaas; import org.apache.stratos.cloud.controller.util.CloudControllerUtil; @@ -239,7 +240,7 @@ public class IaasProvider implements Serializable{ } public void setPayload(byte[] payload) { - this.payload = payload; + this.payload = ArrayUtils.clone(payload); } /** @@ -253,7 +254,7 @@ public class IaasProvider implements Serializable{ * @param networkInterfaces the networkInterfaces to set */ public void setNetworkInterfaces(NetworkInterface[] networkInterfaces) { - this.networkInterfaces = networkInterfaces; + this.networkInterfaces = ArrayUtils.clone(networkInterfaces); } @Override http://git-wip-us.apache.org/repos/asf/stratos/blob/57236c58/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/Properties.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/Properties.java b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/Properties.java index d5a2fdc..6fab2d9 100644 --- a/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/Properties.java +++ b/components/org.apache.stratos.cloud.controller/src/main/java/org/apache/stratos/cloud/controller/pojo/Properties.java @@ -21,6 +21,8 @@ package org.apache.stratos.cloud.controller.pojo; import java.io.Serializable; import java.util.Arrays; +import org.apache.commons.lang3.ArrayUtils; + /** * Had to wrap {@link Property} array using a class, since there's a bug in current * stub generation. @@ -35,7 +37,7 @@ public class Properties implements Serializable{ } public void setProperties(Property[] properties) { - this.properties = properties; + this.properties = ArrayUtils.clone(properties); } @Override
