mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-06-22 23:45:02 +00:00
Hardening suggestions for Stirling-PDF / junit (#3538)
I've reviewed the recently opened PR ([3537 - JUnits JUnits JUnits, so many JUnits](https://github.com/Stirling-Tools/Stirling-PDF/pull/3537)) and have identified some area(s) that could benefit from additional hardening measures. These changes should help prevent potential security vulnerabilities and improve overall code quality. Thank you for your consideration! 🧚🤖 Powered by Pixeebot [Feedback](https://ask.pixee.ai/feedback) | [Community](https://pixee-community.slack.com/signup#/domain-signup) | [Docs](https://docs.pixee.ai/)  --------- Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
parent
25bfdb1daa
commit
ff42a18392
@ -1,5 +1,6 @@
|
||||
package stirling.software.SPDF.service;
|
||||
|
||||
import java.nio.file.Files;
|
||||
import static org.junit.jupiter.api.Assertions.*;
|
||||
import static org.mockito.Mockito.*;
|
||||
|
||||
@ -233,7 +234,7 @@ class CustomPDFDocumentFactoryTest {
|
||||
}
|
||||
|
||||
private File writeTempFile(byte[] content) throws IOException {
|
||||
File file = File.createTempFile("pdf-test-", ".pdf");
|
||||
File file = Files.createTempFile("pdf-test-", ".pdf").toFile();
|
||||
Files.write(file.toPath(), content);
|
||||
return file;
|
||||
}
|
||||
|
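Review bot: Nothing in the visible lines of `writeTempFile` removes the file it creates, so each call leaves a `pdf-test-*.pdf` in the shared temp directory unless a caller outside this hunk deletes it. Switching to `Files.createTempFile` changes how the file is created (it may get more restrictive permissions than `File.createTempFile` gives), but not how long it lives. Consider adding `file.deleteOnExit();` after the creation line, or creating the file under a JUnit `@TempDir Path` so the framework cleans it up. The rest of the test class is outside the hunk, so existing cleanup elsewhere cannot be ruled out.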
@ -1,5 +1,6 @@
|
||||
package stirling.software.SPDF.utils;
|
||||
|
||||
import io.github.pixee.security.ZipSecurity;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
@ -213,7 +214,7 @@ class PDFToFileTest {
|
||||
|
||||
// Verify the content by unzipping it
|
||||
try (ZipInputStream zipStream =
|
||||
new ZipInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
|
||||
ZipSecurity.createHardenedInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
|
||||
ZipEntry entry;
|
||||
boolean foundMdFiles = false;
|
||||
boolean foundImage = false;
|
||||
@ -285,18 +286,18 @@ class PDFToFileTest {
|
||||
|
||||
// Verify the content by unzipping it
|
||||
try (ZipInputStream zipStream =
|
||||
new ZipInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
|
||||
ZipSecurity.createHardenedInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
|
||||
ZipEntry entry;
|
||||
boolean foundMainHtml = false;
|
||||
boolean foundIndexHtml = false;
|
||||
boolean foundImage = false;
|
||||
|
||||
while ((entry = zipStream.getNextEntry()) != null) {
|
||||
if (entry.getName().equals("test.html")) {
|
||||
if ("test.html".equals(entry.getName())) {
|
||||
foundMainHtml = true;
|
||||
} else if (entry.getName().equals("test_ind.html")) {
|
||||
} else if ("test_ind.html".equals(entry.getName())) {
|
||||
foundIndexHtml = true;
|
||||
} else if (entry.getName().equals("test_img.png")) {
|
||||
} else if ("test_img.png".equals(entry.getName())) {
|
||||
foundImage = true;
|
||||
}
|
||||
zipStream.closeEntry();
|
||||
@ -436,13 +437,13 @@ class PDFToFileTest {
|
||||
|
||||
// Verify the content by unzipping it
|
||||
try (ZipInputStream zipStream =
|
||||
new ZipInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
|
||||
ZipSecurity.createHardenedInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
|
||||
ZipEntry entry;
|
||||
boolean foundMainFile = false;
|
||||
boolean foundMediaFiles = false;
|
||||
|
||||
while ((entry = zipStream.getNextEntry()) != null) {
|
||||
if (entry.getName().equals("document.odp")) {
|
||||
if ("document.odp".equals(entry.getName())) {
|
||||
foundMainFile = true;
|
||||
} else if (entry.getName().startsWith("document_media")) {
|
||||
foundMediaFiles = true;
|
||||
|
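Review bot: The hardened stream protects against something these tests never do: in all three hunks (`@ -213,7`, `@ -285,18` and `@ -436,13`) the archive is read from `response.getBody()` in memory and entries are only compared by name, never written to a path. As far as I know, `ZipSecurity.createHardenedInputStream` rejects suspicious entry names by throwing from `getNextEntry()`, so such a name would now surface as an exception instead of a failed assertion. If the wrapper stays, a comment such as `// entries are only matched by name here, never extracted to disk` would keep readers from assuming the test covers extraction. The `io.github.pixee` dependency also has to be on the test classpath, and no build file change appears on this page. The check matters most in code that extracts archives to disk, which is outside this diff.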