Fixed major security bug.
A user could effectively specify an undefined url and the program would return a null filter rather than throwing an exception and returning an error to the user. This was a really bad bug. I found it when I was adding code to validate the path parameters. That will be coming in the next commit.
jdhwpgmbca committed Aug 30, 2021
1 parent b1f307e commit 0f74f43
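The failure mode the commit message describes, a lookup whose "not found" result is indistinguishable from a legitimately stored empty filter, as an added illustration that is not part of the repository's code. The `CaptureType` class, the in-memory table standing in for `em.find(...)`, the sample rows (`dns`, `any`) and the `describeCapture` consumer are all constructed here for the example; only the shape of the before/after `findFilter` bodies follows the commit.

```java
import java.util.HashMap;
import java.util.Map;

// Constructed stand-in for the JPA entity: url_suffix is the key, and the capture
// filter may legitimately be null, which the consumer below treats as "no restriction".
final class CaptureType {
    private final String urlSuffix;
    private final String captureFilter;

    CaptureType(String urlSuffix, String captureFilter) {
        this.urlSuffix = urlSuffix;
        this.captureFilter = captureFilter;
    }

    String getCaptureFilter() { return captureFilter; }
}

final class CaptureTypeLookup {
    // Constructed in-memory table standing in for em.find(CaptureType.class, url_suffix).
    private final Map<String, CaptureType> table = new HashMap<>();

    CaptureTypeLookup() {
        table.put("dns", new CaptureType("dns", "udp port 53"));
        table.put("any", new CaptureType("any", null)); // the one row meant to capture everything
    }

    // Before the fix: a miss yields null, exactly what the "any" row yields.
    String findFilterBeforeFix(String urlSuffix) {
        CaptureType type = table.get(urlSuffix);
        if (type != null) {
            return type.getCaptureFilter();
        }
        return null;
    }

    // After the fix: a miss is rejected; null can only come from a row that exists.
    String findFilterAfterFix(String urlSuffix) {
        CaptureType type = table.get(urlSuffix);
        if (type == null) {
            throw new IllegalArgumentException("The url_suffix must exist in the database.");
        }
        return type.getCaptureFilter();
    }

    // Hypothetical consumer of the filter string, showing why a null is dangerous on a miss.
    static String describeCapture(String filter) {
        return filter == null ? "capture ALL traffic" : "capture only: " + filter;
    }

    public static void main(String[] args) {
        CaptureTypeLookup lookup = new CaptureTypeLookup();
        System.out.println("dns   (before) -> " + describeCapture(lookup.findFilterBeforeFix("dns")));
        System.out.println("bogus (before) -> " + describeCapture(lookup.findFilterBeforeFix("bogus")));
        try {
            lookup.findFilterAfterFix("bogus");
        } catch (IllegalArgumentException e) {
            System.out.println("bogus (after)  -> rejected: " + e.getMessage());
        }
        System.out.println("any   (after)  -> " + describeCapture(lookup.findFilterAfterFix("any")));
    }
}
```

Run with `java CaptureTypeLookup.java` (single-file launch, JDK 11 or later). The "bogus (before)" line shows a request for a suffix that does not exist being treated exactly like the stored "any" row; after the fix only a row that actually exists can produce the unrestricted capture.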
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions src/main/java/com/rtds/svc/CaptureTypeService.java
Expand Up @@ -52,12 +52,16 @@ public String findFilter( String url_suffix )

CaptureType type = em.find( CaptureType.class, url_suffix );

if( type != null )
if( type == null )
{
return type.getCaptureFilter();
throw new IllegalArgumentException( "The url_suffix must exist in the database." );
}

return null;
// It is okay for the capture filter itself to be null, but the CaptureType
// must be in the database, otherwise the user could effectively forge
// a capture filter for "all" just by requesting a non-existent filter.

return type.getCaptureFilter();
}

public CaptureType find( String url_suffix )
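Review bot: the explanatory comment at the end of the hunk sits below the check it justifies, after the `if( type == null )` block, so a reader reaches the throw before the rationale; move the three comment lines ("It is okay for the capture filter itself to be null, ...") directly above the `if`. Two follow-ups to confirm in the caller: `IllegalArgumentException` must be mapped to a client-facing error, since the commit message says the user should receive an error rather than the request failing opaquely, and because a row that exists may still carry a null capture filter, the caller now receives null only for a legitimately stored "all" filter, which is the intended distinction and is worth a sentence in the Javadoc of `findFilter`.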

0 comments on commit 0f74f43