Permalink
Browse files

#963 Added check for unusual/unexpected file extensions

In case that a file extension
- has no characters or more than 20 characters
- contains characters other than a-z, a-Z, 0-9, _
a blank is saved as file extension instead
  • Loading branch information...
MPDLbrede committed Sep 21, 2018
1 parent b9f558f commit 328dbf624d09ce3fea13007d1bf196a7e082539b
Showing with 6 additions and 3 deletions.
  1. +6 −3 src/main/java/de/mpg/imeji/logic/util/StorageUtils.java
@@ -10,6 +10,7 @@
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.util.regex.Pattern;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.httpclient.HttpClient;
@@ -45,6 +46,8 @@
private static Tika tika = new Tika();
public static final MimeTypes allTypes = MimeTypes.getDefaultMimeTypes();
private static final int MAX_LENGTH_FILE_EXTENSION = 20;
private static final String EXPECTED_FILE_EXTENSION_REGEX = "[a-zA-Z\\d]{1," + MAX_LENGTH_FILE_EXTENSION +"}?";
/**
* Transform an {@link InputStream} to a {@link Byte} array
@@ -192,7 +195,7 @@ public static String getExtension(File file) {
String extension = FilenameUtils.getExtension(filename);
// filename does not contain an extension -> try to infer one
if(extension.isEmpty()) {
if(extension.isEmpty() || !Pattern.matches(EXPECTED_FILE_EXTENSION_REGEX, extension)) {
extension = guessExtension(file);
}
@@ -212,8 +215,8 @@ public static String getExtensionFromFileName(String filename) {
String extension = "";
if(filename != null) {
extension = FilenameUtils.getExtension(filename);
if(extension == null || extension.isEmpty()) {
extension = new String (" ");
if(extension == null || extension.isEmpty() || !Pattern.matches(EXPECTED_FILE_EXTENSION_REGEX, extension)) {
extension = new String(" ");
}
}
return extension;

0 comments on commit 328dbf6

Please sign in to comment.