-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathbig_vf.csv
We can't make this file beautiful and searchable because it's too large.
17228 lines (16950 loc) · 703 KB
/
big_vf.csv
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
commit_id,repo,partition,diff,label,PL,LOC_MOD,filename
ea2060f5ae7368a693f2099878ec24410aa75d77,jooby-project/jooby,train,"@@ -21,6 +21,7 @@ package org.jooby;
import static com.google.common.base.Preconditions.checkArgument;
import static java.util.Objects.requireNonNull;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
@@ -29,6 +30,7 @@ import java.util.NoSuchElementException;
import java.util.Optional;
import java.util.function.BiFunction;
import java.util.function.Consumer;
+import java.util.function.Function;
import java.util.function.Predicate;
import java.util.function.Supplier;
@@ -66,7 +68,7 @@ import javaslang.control.Try.CheckedConsumer;
public interface Env extends LifeCycle {
/**
- * Utility class for generated {@link Key} for named services.
+ * Utility class for generating {@link Key} for named services.
*
* @author edgar
*/
@@ -139,6 +141,8 @@ public interface Env extends LifeCycle {
private ImmutableList.Builder<CheckedConsumer<Registry>> shutdown = ImmutableList.builder();
+ private Map<String, Function<String, String>> xss = new HashMap<>();
+
private ServiceKey key = new ServiceKey();
@Override
@@ -195,6 +199,18 @@ public interface Env extends LifeCycle {
public List<CheckedConsumer<Registry>> startTasks() {
return this.start.build();
}
+
+ @Override
+ public Map<String, Function<String, String>> xss() {
+ return Collections.unmodifiableMap(xss);
+ }
+
+ @Override
+ public Env xss(final String name, final Function<String, String> escaper) {
+ xss.put(requireNonNull(name, ""Name required.""),
+ requireNonNull(escaper, ""Function required.""));
+ return this;
+ }
};
};
@@ -228,7 +244,6 @@ public interface Env extends LifeCycle {
return new ServiceKey();
}
-
/**
* Returns a string with all substitutions (the <code>${foo.bar}</code> syntax,
* see <a href=""https://github.com/typesafehub/config/blob/master/HOCON.md"">the
@@ -423,6 +438,20 @@ public interface Env extends LifeCycle {
return match().option(API.Case(predicate, result));
}
+ /**
+ * @return XSS escape functions.
+ */
+ Map<String, Function<String, String>> xss();
+
+ /**
+ * Set/override a XSS escape function.
+ *
+ * @param name Escape's name.
+ * @param escaper Escape function.
+ * @return This environment.
+ */
+ Env xss(String name, Function<String, String> escaper);
+
/**
* @return List of start tasks.
*/
",1,java,16.0,Env.java
0d830e8cbe5213968abb1bcb1c816ca2ee00aa53,joniles/mpxj,train,"@@ -39,17 +39,11 @@ import java.util.regex.Pattern;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.bind.UnmarshallerHandler;
import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.parsers.SAXParser;
-import javax.xml.parsers.SAXParserFactory;
import org.apache.poi.util.ReplacingInputStream;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
-import org.xml.sax.XMLFilter;
-import org.xml.sax.XMLReader;
import net.sf.mpxj.ActivityCode;
import net.sf.mpxj.ActivityCodeContainer;
@@ -84,6 +78,7 @@ import net.sf.mpxj.TimeUnit;
import net.sf.mpxj.common.BooleanHelper;
import net.sf.mpxj.common.DateHelper;
import net.sf.mpxj.common.NumberHelper;
+import net.sf.mpxj.common.UnmarshalHelper;
import net.sf.mpxj.listener.ProjectListener;
import net.sf.mpxj.primavera.schema.APIBusinessObjects;
import net.sf.mpxj.primavera.schema.ActivityCodeType;
@@ -265,25 +260,12 @@ public final class PrimaveraPMFileReader extends AbstractProjectReader
{
try
{
- SAXParserFactory factory = SAXParserFactory.newInstance();
- factory.setFeature(""http://apache.org/xml/features/disallow-doctype-decl"", true);
- factory.setNamespaceAware(true);
- SAXParser saxParser = factory.newSAXParser();
- XMLReader xmlReader = saxParser.getXMLReader();
-
if (CONTEXT == null)
{
throw CONTEXT_EXCEPTION;
}
- Unmarshaller unmarshaller = CONTEXT.createUnmarshaller();
- XMLFilter filter = new NamespaceFilter();
- filter.setParent(xmlReader);
- UnmarshallerHandler unmarshallerHandler = unmarshaller.getUnmarshallerHandler();
- filter.setContentHandler(unmarshallerHandler);
- filter.parse(configureInputSource(stream));
-
- return (APIBusinessObjects) unmarshallerHandler.getResult();
+ return (APIBusinessObjects) UnmarshalHelper.unmarshal(CONTEXT, configureInputSource(stream), new NamespaceFilter(), false);
}
catch (ParserConfigurationException ex)
",1,java,20.0,PrimaveraPMFileReader.java
c3e457f7a16facfe563eade82b0fa8736a8c96f9,joniles/mpxj,train,"@@ -25,7 +25,6 @@
import java.io.IOException;
import java.io.InputStream;
-import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
@@ -36,16 +35,9 @@
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.bind.UnmarshallerHandler;
import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.parsers.SAXParser;
-import javax.xml.parsers.SAXParserFactory;
-import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
-import org.xml.sax.XMLFilter;
-import org.xml.sax.XMLReader;
import net.sf.mpxj.DateRange;
import net.sf.mpxj.Duration;
@@ -65,6 +57,7 @@
import net.sf.mpxj.Task;
import net.sf.mpxj.TimeUnit;
import net.sf.mpxj.common.AlphanumComparator;
+import net.sf.mpxj.common.UnmarshalHelper;
import net.sf.mpxj.conceptdraw.schema.Document;
import net.sf.mpxj.conceptdraw.schema.Document.Calendars.Calendar;
import net.sf.mpxj.conceptdraw.schema.Document.Calendars.Calendar.ExceptedDays.ExceptedDay;
@@ -99,6 +92,11 @@
{
try
{
+ if (CONTEXT == null)
+ {
+ throw CONTEXT_EXCEPTION;
+ }
+
m_projectFile = new ProjectFile();
m_eventManager = m_projectFile.getEventManager();
m_calendarMap = new HashMap<>();
@@ -113,23 +111,7 @@
m_eventManager.addProjectListeners(m_projectListeners);
- SAXParserFactory factory = SAXParserFactory.newInstance();
- SAXParser saxParser = factory.newSAXParser();
- XMLReader xmlReader = saxParser.getXMLReader();
-
- if (CONTEXT == null)
- {
- throw CONTEXT_EXCEPTION;
- }
-
- Unmarshaller unmarshaller = CONTEXT.createUnmarshaller();
-
- XMLFilter filter = new NamespaceFilter();
- filter.setParent(xmlReader);
- UnmarshallerHandler unmarshallerHandler = unmarshaller.getUnmarshallerHandler();
- filter.setContentHandler(unmarshallerHandler);
- filter.parse(new InputSource(new InputStreamReader(stream)));
- Document cdp = (Document) unmarshallerHandler.getResult();
+ Document cdp = (Document) UnmarshalHelper.unmarshal(CONTEXT, stream, new NamespaceFilter());
readProjectProperties(cdp);
readCalendars(cdp);",1,java,28.0,src/main/java/net/sf/mpxj/conceptdraw/ConceptDrawProjectReader.java
1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb,apache/hive,train,"@@ -63,7 +63,7 @@ public static void setHiveConfWhiteList(HiveConf hiveConf) throws HiveAuthzPlugi
String curBlackList = hiveConf.getVar(ConfVars.HIVE_SERVER2_BUILTIN_UDF_BLACKLIST);
if (curBlackList == null || curBlackList.trim().isEmpty()) {
- hiveConf.setVar(ConfVars.HIVE_SERVER2_BUILTIN_UDF_BLACKLIST, ""reflect,reflect2,java_method"");
+ hiveConf.setVar(ConfVars.HIVE_SERVER2_BUILTIN_UDF_BLACKLIST, ""reflect,reflect2,java_method,in_file"");
}
}",1,java,2.0,SettableConfigUpdater.java
3c9152e2c75f7e8b654beec40383748a14c6b51b,AsyncHttpClient/async-http-client,train,"@@ -0,0 +1,96 @@
+/*
+ * To the extent possible under law, Kevin Locke has waived all copyright and
+ * related or neighboring rights to this work.
+ * <p/>
+ * A legal description of this waiver is available in <a href=""https://gist.github.com/kevinoid/3829665"">LICENSE.txt</a>
+ */
+package org.asynchttpclient.util;
+
+import sun.security.util.HostnameChecker;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+import javax.security.auth.kerberos.KerberosPrincipal;
+import java.security.Principal;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+/**
+ * Uses the internal HostnameChecker to verify the server's hostname matches with the
+ * certificate. This is a requirement for HTTPS, but the raw SSLEngine does not have
+ * this functionality. As such, it has to be added in manually. For a more complete
+ * description of hostname verification and why it's important,
+ * please read
+ * <a href=""http://tersesystems.com/2014/03/23/fixing-hostname-verification/"">Fixing
+ * Hostname Verification</a>.
+ * <p/>
+ * This code is based on Kevin Locke's <a href=""http://kevinlocke.name/bits/2012/10/03/ssl-certificate-verification-in-dispatch-and-asynchttpclient/"">guide</a> .
+ * <p/>
+
+ */
+public class DefaultHostnameVerifier implements HostnameVerifier {
+
+ private HostnameVerifier extraHostnameVerifier;
+
+ public DefaultHostnameVerifier() {
+ }
+
+ public DefaultHostnameVerifier(HostnameVerifier extraHostnameVerifier) {
+ this.extraHostnameVerifier = extraHostnameVerifier;
+ }
+
+ private boolean hostnameMatches(String hostname, SSLSession session) {
+ HostnameChecker checker =
+ HostnameChecker.getInstance(HostnameChecker.TYPE_TLS);
+
+ boolean validCertificate = false, validPrincipal = false;
+ try {
+ Certificate[] peerCertificates = session.getPeerCertificates();
+
+ if (peerCertificates.length > 0 &&
+ peerCertificates[0] instanceof X509Certificate) {
+ X509Certificate peerCertificate =
+ (X509Certificate) peerCertificates[0];
+
+ try {
+ checker.match(hostname, peerCertificate);
+ // Certificate matches hostname
+ validCertificate = true;
+ } catch (CertificateException ex) {
+ // Certificate does not match hostname
+ }
+ } else {
+ // Peer does not have any certificates or they aren't X.509
+ }
+ } catch (SSLPeerUnverifiedException ex) {
+ // Not using certificates for peers, try verifying the principal
+ try {
+ Principal peerPrincipal = session.getPeerPrincipal();
+ if (peerPrincipal instanceof KerberosPrincipal) {
+ validPrincipal = HostnameChecker.match(hostname,
+ (KerberosPrincipal) peerPrincipal);
+ } else {
+ // Can't verify principal, not Kerberos
+ }
+ } catch (SSLPeerUnverifiedException ex2) {
+ // Can't verify principal, no principal
+ }
+ }
+
+ return validCertificate || validPrincipal;
+ }
+
+ public boolean verify(String hostname, SSLSession session) {
+ if (hostnameMatches(hostname, session)) {
+ return true;
+ } else {
+ if (extraHostnameVerifier != null) {
+ return extraHostnameVerifier.verify(hostname, session);
+ } else {
+ return false;
+ }
+ }
+ }
+}
From fa056c572ab0c9b6edd05a7cc508898f35cc90d5 Mon Sep 17 00:00:00 2001
From: Will Sargent <[email protected]>
Date: Mon, 24 Mar 2014 23:25:44 -0700
Subject: [PATCH 2/3] Use reflection to avoid the ""not part of JDK"" error
running tests.
---
.../AsyncHttpClientConfigBean.java | 8 +-
.../util/DefaultHostnameVerifier.java | 73 ++++++++++++++++---
2 files changed, 65 insertions(+), 16 deletions(-)",1,java,60.0,api/src/main/java/org/asynchttpclient/util/DefaultHostnameVerifier.java
14b62aca4764d496813f55a43d050b017e01eb65,pgjdbc/pgjdbc,train,"@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2020, PostgreSQL Global Development Group
+ * See the LICENSE file in the project root for more information.
+ */
+
+package org.postgresql.xml;
+
+import org.xml.sax.ErrorHandler;
+import org.xml.sax.SAXParseException;
+
+/**
+ * Error handler that silently suppresses all errors.
+ */
+public class NullErrorHandler implements ErrorHandler {
+ public static final NullErrorHandler INSTANCE = new NullErrorHandler();
+
+ public void error(SAXParseException e) {
+ }
+
+ public void fatalError(SAXParseException e) {
+ }
+
+ public void warning(SAXParseException e) {
+ }
+}",1,java,13.0,pgjdbc/src/main/java/org/postgresql/xml/NullErrorHandler.java
14b62aca4764d496813f55a43d050b017e01eb65,pgjdbc/pgjdbc,train,"@@ -661,6 +661,17 @@
""false"",
""Use SPNEGO in SSPI authentication requests""),
+ /**
+ * Factory class to instantiate factories for XML processing.
+ * The default factory disables external entity processing.
+ * Legacy behavior with external entity processing can be enabled by specifying a value of LEGACY_INSECURE.
+ * Or specify a custom class that implements {@code org.postgresql.xml.PGXmlFactoryFactory}.
+ */
+ XML_FACTORY_FACTORY(
+ ""xmlFactoryFactory"",
+ """",
+ ""Factory class to instantiate factories for XML processing""),
+
;
private final String name;",1,java,5.0,pgjdbc/src/main/java/org/postgresql/PGProperty.java
0a78612f981c541ad2d997e6a365f2a0b3e799d9,cloudfoundry/uaa,train,"@@ -0,0 +1,65 @@
+package org.cloudfoundry.identity.uaa.security;
+
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+public class X509ExpiryCheckingTrustManager implements X509TrustManager {
+
+ private X509TrustManager delegate;
+
+ public X509ExpiryCheckingTrustManager() {
+ try {
+ TrustManagerFactory tmf;
+ tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init((KeyStore) null);
+ X509TrustManager x509Tm = null;
+ for (TrustManager tm : tmf.getTrustManagers()) {
+ if (tm instanceof X509TrustManager) {
+ x509Tm = (X509TrustManager) tm;
+ break;
+ }
+ }
+ delegate = x509Tm;
+ } catch (NoSuchAlgorithmException | KeyStoreException e) {
+ }
+ }
+
+ protected void setDelegate(X509TrustManager delegate) {
+ this.delegate = delegate;
+ }
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+ if (delegate == null) {
+ throw new CertificateException();
+ } else {
+ delegate.checkClientTrusted(x509Certificates, s);
+ }
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+ if (delegate == null) {
+ throw new CertificateException();
+ } else {
+ delegate.checkServerTrusted(x509Certificates, s);
+ }
+ for (X509Certificate certificate : x509Certificates) {
+ certificate.checkValidity();
+ }
+ }
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ if (delegate != null) {
+ return delegate.getAcceptedIssuers();
+ }
+ return new X509Certificate[0];
+ }
+}",1,java,58.0,X509ExpiryCheckingTrustManager.java
ae9ba6cfd32ed80469f162e5e3583e2477862ddf,ctripcorp/apollo,train,"@@ -173,4 +173,11 @@ int checkInt(int value, int min, int max, int defaultValue) {
return defaultValue;
}
+ public boolean isAdminServiceAccessControlEnabled() {
+ return getBooleanProperty(""admin-service.access.control.enabled"", false);
+ }
+
+ public String getAdminServiceAccessTokens() {
+ return getValue(""admin-service.access.tokens"");
+ }
}",1,java,7.0,apollo-biz/src/main/java/com/ctrip/framework/apollo/biz/config/BizConfig.java
3bca8f8d25d7d55f20676a6f12e15940917e33f6,hmcts/ccd-data-store-api,train,"@@ -47,12 +47,6 @@ public class AuthorisedGetCaseViewOperation extends AbstractAuthorisedCaseViewOp
return filterUpsertAccess(caseType, userRoles, caseView);
}
- @Override
- @Deprecated
- public CaseView execute(String jurisdictionId, String caseTypeId, String caseReference) {
- return execute(caseReference);
- }
-
private CaseView filterUpsertAccess(CaseType caseType, Set<String> userRoles, CaseView caseView) {
CaseViewTrigger[] authorisedTriggers;
if (!getAccessControlService().canAccessCaseTypeWithCriteria(caseType,
",1,java,6.0,AuthorisedGetCaseViewOperation.java
3bca8f8d25d7d55f20676a6f12e15940917e33f6,hmcts/ccd-data-store-api,train,"@@ -4,16 +4,5 @@ import uk.gov.hmcts.ccd.domain.model.aggregated.CaseView;
public interface GetCaseViewOperation {
- /**
- *
- * @param jurisdictionId
- * @param caseTypeId
- * @param caseReference
- * @return When found, case for given reference, formatted for display
- * @deprecated Use {@link #execute(String)} instead
- */
- @Deprecated
- CaseView execute(String jurisdictionId, String caseTypeId, String caseReference);
-
CaseView execute(String caseReference);
}
",1,java,3.0,GetCaseViewOperation.java
4092ede58da51af9a21e4825fbad0d9a3ef5a223,bcgit/bc-java,train,"@@ -321,12 +321,25 @@ public static int getLeafIndex(long index, int xmssTreeHeight)
return out.toByteArray();
}
- public static Object deserialize(byte[] data)
+ public static Object deserialize(byte[] data, Class clazz)
throws IOException, ClassNotFoundException
{
ByteArrayInputStream in = new ByteArrayInputStream(data);
ObjectInputStream is = new ObjectInputStream(in);
- return is.readObject();
+ Object obj = is.readObject();
+
+ if (is.available() != 0)
+ {
+ throw new IOException(""unexpected data found at end of ObjectInputStream"");
+ }
+ if (clazz.isInstance(obj))
+ {
+ return obj;
+ }
+ else
+ {
+ throw new IOException(""unexpected class found in ObjectInputStream"");
+ }
}
public static int calculateTau(int index, int height)",1,java,16.0,core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java
ce5c3e8079d64929abb76ec3ec7ac7c71a4a26b6,dotCMS/core,train,"@@ -438,7 +438,18 @@ public static String getStringProperty (String name) {
_refreshProperties ();
return props.getStringArray(name);
}
-
+
+ /**
+ * If config value == null, returns the default
+ * @param name
+ * @param defaultValue
+ * @return
+ */
+ public static String[] getStringArrayProperty (String name, String[] defaultValue) {
+ _refreshProperties ();
+
+ return props.containsKey(name) ? props.getStringArray(name) : defaultValue;
+ }",1,java,5.0,dotCMS/src/main/java/com/dotmarketing/util/Config.java
c014f78b148685527c5646b1204cd7f595005afa,bcgit/bc-java,train,"@@ -0,0 +1,92 @@
+package org.bouncycastle.asn1.x509;
+
+import org.bouncycastle.asn1.ASN1Encodable;
+import org.bouncycastle.asn1.ASN1EncodableVector;
+import org.bouncycastle.asn1.ASN1Object;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.ASN1TaggedObject;
+import org.bouncycastle.asn1.DERSequence;
+import org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * The OtherName object.
+ * <pre>
+ * OtherName ::= SEQUENCE {
+ * type-id OBJECT IDENTIFIER,
+ * value [0] EXPLICIT ANY DEFINED BY type-id }
+ * </pre>
+ */
+public class OtherName
+ extends ASN1Object
+{
+ private final ASN1ObjectIdentifier typeID;
+ private final ASN1Encodable value;
+
+ /**
+ * OtherName factory method.
+ * @param obj the object used to construct an instance of <code>
+ * OtherName</code>. It must be an instance of <code>OtherName
+ * </code> or <code>ASN1Sequence</code>.
+ * @return the instance of <code>OtherName</code> built from the
+ * supplied object.
+ * @throws java.lang.IllegalArgumentException if the object passed
+ * to the factory is not an instance of <code>OtherName</code> or something that
+ * can be converted into an appropriate <code>ASN1Sequence</code>.
+ */
+ public static OtherName getInstance(
+ Object obj)
+ {
+
+ if (obj instanceof OtherName)
+ {
+ return (OtherName)obj;
+ }
+ else if (obj != null)
+ {
+ return new OtherName(ASN1Sequence.getInstance(obj));
+ }
+
+ return null;
+ }
+
+ /**
+ * Base constructor.
+ * @param typeID the type of the other name.
+ * @param value the ANY object that represents the value.
+ */
+ public OtherName(
+ ASN1ObjectIdentifier typeID,
+ ASN1Encodable value)
+ {
+ this.typeID = typeID;
+ this.value = value;
+ }
+
+ private OtherName(ASN1Sequence seq)
+ {
+ this.typeID = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+ this.value = ASN1TaggedObject.getInstance(seq.getObjectAt(1)).getObject(); // explicitly tagged
+ }
+
+ public ASN1ObjectIdentifier getTypeID()
+ {
+ return typeID;
+ }
+
+ public ASN1Encodable getValue()
+ {
+ return value;
+ }
+
+ public ASN1Primitive toASN1Primitive()
+ {
+ ASN1EncodableVector v = new ASN1EncodableVector();
+
+ v.add(typeID);
+ v.add(new DERTaggedObject(true, 0, value));
+
+ return new DERSequence(v);
+ }
+}
",1,java,57.0,OtherName.java
1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb,apache/hive,train,"@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * ""License""); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an ""AS IS"" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.ql.security.authorization.plugin.fallback;
+
+import org.apache.hadoop.hive.conf.HiveConf;
+import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizer;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzSessionContext;
+import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveMetastoreClientFactory;
+
+public class FallbackHiveAuthorizerFactory implements HiveAuthorizerFactory {
+ @Override
+ public HiveAuthorizer createHiveAuthorizer(HiveMetastoreClientFactory metastoreClientFactory,
+ HiveConf conf, HiveAuthenticationProvider authenticator,
+ HiveAuthzSessionContext ctx) {
+ return new FallbackHiveAuthorizer(conf, authenticator, ctx);
+ }
+}",1,java,17.0,FallbackHiveAuthorizerFactory.java
efad4cca2d7d461f5f8c08a0d7b51fabeb82d0a,apache/storm,train,"@@ -861,52 +861,9 @@ public class Utils {
- public static void unJar(File jarFile, File toDir)
- throws IOException {
- JarFile jar = new JarFile(jarFile);
- try {
- Enumeration<JarEntry> entries = jar.entries();
- while (entries.hasMoreElements()) {
- final JarEntry entry = entries.nextElement();
- if (!entry.isDirectory()) {
- InputStream in = jar.getInputStream(entry);
- try {
- File file = new File(toDir, entry.getName());
- ensureDirectory(file.getParentFile());
- OutputStream out = new FileOutputStream(file);
- try {
- copyBytes(in, out, 8192);
- } finally {
- out.close();
- }
- } finally {
- in.close();
- }
- }
- }
- } finally {
- jar.close();
- }
- }
-
- /**
- * Copies from one stream to another.
- *
- * @param in InputStream to read from
- * @param out OutputStream to write to
- * @param buffSize the size of the buffer
- */
- public static void copyBytes(InputStream in, OutputStream out, int buffSize)
- throws IOException {
- PrintStream ps = out instanceof PrintStream ? (PrintStream)out : null;
- byte buf[] = new byte[buffSize];
- int bytesRead = in.read(buf);
- while (bytesRead >= 0) {
- out.write(buf, 0, bytesRead);
- if ((ps != null) && ps.checkError()) {
- throw new IOException(""Unable to write to output stream."");
- }
- bytesRead = in.read(buf);
+ public static void unJar(File jarFile, File toDir) throws IOException {
+ try (JarFile jar = new JarFile(jarFile)) {
+ extractZipFile(jar, toDir, null);
}
}
@@ -930,20 +887,17 @@ public class Utils {
+ * @param symlinksDisabled true if symlinks should be disabled, else false.
- public static void unTar(File inFile, File untarDir) throws IOException {
- if (!untarDir.mkdirs()) {
- if (!untarDir.isDirectory()) {
- throw new IOException(""Mkdirs failed to create "" + untarDir);
- }
- }
+ public static void unTar(File inFile, File untarDir, boolean symlinksDisabled) throws IOException {
+ ensureDirectory(untarDir);
boolean gzipped = inFile.toString().endsWith(""gz"");
- if (isOnWindows()) {
+ if (Utils.isOnWindows() || symlinksDisabled) {
- unTarUsingJava(inFile, untarDir, gzipped);
+ unTarUsingJava(inFile, untarDir, gzipped, symlinksDisabled);
} else {
@@ -980,7 +934,9 @@ public class Utils {
}
private static void unTarUsingJava(File inFile, File untarDir,
- boolean gzipped) throws IOException {
+ boolean gzipped, boolean symlinksDisabled) throws IOException {
+ final String base = untarDir.getCanonicalPath();
+ LOG.trace(""java untar {} to {}"", inFile, base);
InputStream inputStream = null;
try {
if (gzipped) {
@@ -991,7 +947,7 @@ public class Utils {
}
try (TarArchiveInputStream tis = new TarArchiveInputStream(inputStream)) {
for (TarArchiveEntry entry = tis.getNextTarEntry(); entry != null; ) {
- unpackEntries(tis, entry, untarDir);
+ unpackEntries(tis, entry, untarDir, base, symlinksDisabled);
entry = tis.getNextTarEntry();
}
}
@@ -1003,35 +959,82 @@ public class Utils {
}
private static void unpackEntries(TarArchiveInputStream tis,
- TarArchiveEntry entry, File outputDir) throws IOException {
+ TarArchiveEntry entry, File outputDir, final String base,
+ boolean symlinksDisabled) throws IOException {
+ File target = new File(outputDir, entry.getName());
+ String found = target.getCanonicalPath();
+ if (!found.startsWith(base)) {
+ LOG.error(""Invalid location {} is outside of {}"", found, base);
+ return;
+ }
if (entry.isDirectory()) {
- File subDir = new File(outputDir, entry.getName());
- if (!subDir.mkdirs() && !subDir.isDirectory()) {
- throw new IOException(""Mkdirs failed to create tar internal dir ""
- + outputDir);
- }
+ LOG.trace(""Extracting dir {}"", target);
+ ensureDirectory(target);
for (TarArchiveEntry e : entry.getDirectoryEntries()) {
- unpackEntries(tis, e, subDir);
+ unpackEntries(tis, e, target, base, symlinksDisabled);
}
- return;
+ } else if (entry.isSymbolicLink()) {
+ if (symlinksDisabled) {
+ LOG.info(""Symlinks disabled skipping {}"", target);
+ } else {
+ Path src = target.toPath();
+ Path dest = Paths.get(entry.getLinkName());
+ LOG.trace(""Extracting sym link {} to {}"", target, dest);
+ // Create symbolic link relative to tar parent dir
+ Files.createSymbolicLink(src, dest);
+ }
+ } else if (entry.isFile()) {
+ LOG.trace(""Extracting file {}"", target);
+ ensureDirectory(target.getParentFile());
+ try (BufferedOutputStream outputStream = new BufferedOutputStream(new FileOutputStream(target))) {
+ IOUtils.copy(tis, outputStream);
+ }
+ } else {
+ LOG.error(""{} is not a currently supported tar entry type."", entry);
}
- File outputFile = new File(outputDir, entry.getName());
- if (!outputFile.getParentFile().exists()) {
- if (!outputFile.getParentFile().mkdirs()) {
- throw new IOException(""Mkdirs failed to create tar internal dir ""
- + outputDir);
+
+ Path p = target.toPath();
+ if (Files.exists(p)) {
+ try {
+ //We created it so lets chmod it properly
+ int mode = entry.getMode();
+ Files.setPosixFilePermissions(p, parsePerms(mode));
+ } catch (UnsupportedOperationException e) {
+ //Ignored the file system we are on does not support this, so don't do it.
}
}
- int count;
- byte data[] = new byte[2048];
- BufferedOutputStream outputStream = new BufferedOutputStream(
- new FileOutputStream(outputFile));
+ }
- while ((count = tis.read(data)) != -1) {
- outputStream.write(data, 0, count);
+ private static Set<PosixFilePermission> parsePerms(int mode) {
+ Set<PosixFilePermission> ret = new HashSet<>();
+ if ((mode & 0001) > 0) {
+ ret.add(PosixFilePermission.OTHERS_EXECUTE);
+ }
+ if ((mode & 0002) > 0) {
+ ret.add(PosixFilePermission.OTHERS_WRITE);
+ }
+ if ((mode & 0004) > 0) {
+ ret.add(PosixFilePermission.OTHERS_READ);
+ }
+ if ((mode & 0010) > 0) {
+ ret.add(PosixFilePermission.GROUP_EXECUTE);
+ }
+ if ((mode & 0020) > 0) {
+ ret.add(PosixFilePermission.GROUP_WRITE);
}
- outputStream.flush();
- outputStream.close();
+ if ((mode & 0040) > 0) {
+ ret.add(PosixFilePermission.GROUP_READ);
+ }
+ if ((mode & 0100) > 0) {
+ ret.add(PosixFilePermission.OWNER_EXECUTE);
+ }
+ if ((mode & 0200) > 0) {
+ ret.add(PosixFilePermission.OWNER_WRITE);
+ }
+ if ((mode & 0400) > 0) {
+ ret.add(PosixFilePermission.OWNER_READ);
+ }
+ return ret;
}
public static boolean isOnWindows() {
@@ -1045,16 +1048,21 @@ public class Utils {
return Paths.get(path).isAbsolute();
}
- public static void unpack(File localrsrc, File dst) throws IOException {
+ public static void unpack(File localrsrc, File dst, boolean symLinksDisabled) throws IOException {
String lowerDst = localrsrc.getName().toLowerCase();
- if (lowerDst.endsWith("".jar"")) {
+ if (lowerDst.endsWith("".jar"") ||
+ lowerDst.endsWith(""_jar"")) {
unJar(localrsrc, dst);
- } else if (lowerDst.endsWith("".zip"")) {
+ } else if (lowerDst.endsWith("".zip"") ||
+ lowerDst.endsWith(""_zip"")) {
unZip(localrsrc, dst);
} else if (lowerDst.endsWith("".tar.gz"") ||
- lowerDst.endsWith("".tgz"") ||
- lowerDst.endsWith("".tar"")) {
- unTar(localrsrc, dst);
+ lowerDst.endsWith(""_tar_gz"") ||
+ lowerDst.endsWith("".tgz"") ||
+ lowerDst.endsWith(""_tgz"") ||
+ lowerDst.endsWith("".tar"") ||
+ lowerDst.endsWith(""_tar"")) {
+ unTar(localrsrc, dst, symLinksDisabled);
} else {
LOG.warn(""Cannot unpack "" + localrsrc);
if (!localrsrc.renameTo(dst)) {
@@ -1067,6 +1075,35 @@ public class Utils {
}
}
+ private static void extractZipFile(ZipFile zipFile, File toDir, String prefix) throws IOException {
+ ensureDirectory(toDir);
+ final String base = toDir.getCanonicalPath();
+
+ Enumeration<? extends ZipEntry> entries = zipFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry entry = entries.nextElement();
+ if (!entry.isDirectory()) {
+ if (prefix != null && !entry.getName().startsWith(prefix)) {
+ //No need to extract it, it is not what we are looking for.
+ continue;
+ }
+ File file = new File(toDir, entry.getName());
+ String found = file.getCanonicalPath();
+ if (!found.startsWith(base)) {
+ LOG.error(""Invalid location {} is outside of {}"", found, base);
+ continue;
+ }
+
+ try (InputStream in = zipFile.getInputStream(entry)) {
+ ensureDirectory(file.getParentFile());
+ try (OutputStream out = new FileOutputStream(file)) {
+ IOUtils.copy(in, out);
+ }
+ }
+ }
+ }
+ }
+
public static boolean canUserReadBlob(ReadableBlobMeta meta, String user) {
SettableBlobMeta settable = meta.get_settable();
for (AccessControl acl : settable.get_acl()) {
@@ -1398,45 +1435,12 @@ public class Utils {
- * @param unzipDir The unzip directory where to unzip the zip file.
+ * @param toDir The unzip directory where to unzip the zip file.
- public static void unZip(File inFile, File unzipDir) throws IOException {
- Enumeration<? extends ZipEntry> entries;
- ZipFile zipFile = new ZipFile(inFile);
-
- try {
- entries = zipFile.entries();
- while (entries.hasMoreElements()) {
- ZipEntry entry = entries.nextElement();
- if (!entry.isDirectory()) {
- InputStream in = zipFile.getInputStream(entry);
- try {
- File file = new File(unzipDir, entry.getName());
- if (!file.getParentFile().mkdirs()) {
- if (!file.getParentFile().isDirectory()) {
- throw new IOException(""Mkdirs failed to create "" +
- file.getParentFile().toString());
- }
- }
- OutputStream out = new FileOutputStream(file);
- try {
- byte[] buffer = new byte[8192];
- int i;
- while ((i = in.read(buffer)) != -1) {
- out.write(buffer, 0, i);
- }
- } finally {
- out.close();
- }
- } finally {
- in.close();
- }
- }
- }
- } finally {
- zipFile.close();
- }
+ public static void unZip(File inFile, File toDir) throws IOException {
+ try (ZipFile zipFile = new ZipFile(inFile)) {
+ extractZipFile(zipFile, toDir, null); }
}
@@ -1910,21 +1914,10 @@ public class Utils {
public static void extractDirFromJar(String jarpath, String dir, File destdir) {
_instance.extractDirFromJarImpl(jarpath, dir, destdir);
}
-
+
public void extractDirFromJarImpl(String jarpath, String dir, File destdir) {
try (JarFile jarFile = new JarFile(jarpath)) {
- Enumeration<JarEntry> jarEnums = jarFile.entries();
- while (jarEnums.hasMoreElements()) {
- JarEntry entry = jarEnums.nextElement();
- if (!entry.isDirectory() && entry.getName().startsWith(dir)) {
- File aFile = new File(destdir, entry.getName());
- aFile.getParentFile().mkdirs();
- try (FileOutputStream out = new FileOutputStream(aFile);
- InputStream in = jarFile.getInputStream(entry)) {
- IOUtils.copy(in, out);
- }
- }
- }
+ extractZipFile(jarFile, destdir, dir);
} catch (IOException e) {
LOG.info(""Could not extract {} from {}"", dir, jarpath);
}",1,java,237.0,Utils.java
ae9ba6cfd32ed80469f162e5e3583e2477862ddf,ctripcorp/apollo,train,"@@ -3,6 +3,7 @@
import com.ctrip.framework.apollo.configservice.util.AccessKeyUtil;
import com.ctrip.framework.apollo.core.signature.Signature;
import com.ctrip.framework.apollo.core.utils.StringUtils;
+import com.google.common.net.HttpHeaders;
import java.io.IOException;
import java.util.List;
import java.util.Objects;
@@ -53,7 +54,7 @@ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain
List<String> availableSecrets = accessKeyUtil.findAvailableSecret(appId);
if (!CollectionUtils.isEmpty(availableSecrets)) {
String timestamp = request.getHeader(Signature.HTTP_HEADER_TIMESTAMP);
- String authorization = request.getHeader(Signature.HTTP_HEADER_AUTHORIZATION);
+ String authorization = request.getHeader(HttpHeaders.AUTHORIZATION);
if (!checkTimestamp(timestamp)) {",1,java,3.0,apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/filter/ClientAuthenticationFilter.java
20b38856a9cb328b8d2b501ee99c139575083590,AsyncHttpClient/async-http-client,train,"@@ -15,101 +15,43 @@
package com.ning.http.util;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
+import com.ning.http.client.AsyncHttpClientConfig;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
-import java.io.FileInputStream;
+
import java.io.IOException;
-import java.io.InputStream;
import java.security.GeneralSecurityException;
-import java.security.KeyStore;
import java.security.SecureRandom;
-import java.security.Security;
-/**
- * This class is a copy of http://github.com/sonatype/wagon-ning/raw/master/src/main/java/org/apache/maven/wagon/providers/http/SslUtils.java
- */
public class SslUtils {
- private static SSLContext context = null;
-
- public static SSLEngine getSSLEngine()
- throws GeneralSecurityException, IOException {
- SSLEngine engine = null;
-