| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| InvalidFileNameException | 
 | 
 | 1.0;1 | 
| 1 |  /* | |
| 2 |   * Licensed to the Apache Software Foundation (ASF) under one or more | |
| 3 |   * contributor license agreements.  See the NOTICE file distributed with | |
| 4 |   * this work for additional information regarding copyright ownership. | |
| 5 |   * The ASF licenses this file to You under the Apache License, Version 2.0 | |
| 6 |   * (the "License"); you may not use this file except in compliance with | |
| 7 |   * the License.  You may obtain a copy of the License at | |
| 8 |   * | |
| 9 |   *      http://www.apache.org/licenses/LICENSE-2.0 | |
| 10 |   * | |
| 11 |   * Unless required by applicable law or agreed to in writing, software | |
| 12 |   * distributed under the License is distributed on an "AS IS" BASIS, | |
| 13 |   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 14 |   * See the License for the specific language governing permissions and | |
| 15 |   * limitations under the License. | |
| 16 |   */ | |
| 17 |  package org.apache.commons.fileupload; | |
| 18 | ||
| 19 |  /** | |
| 20 |   * This exception is thrown in case of an invalid file name. | |
| 21 |   * A file name is invalid, if it contains a NUL character. | |
| 22 |   * Attackers might use this to circumvent security checks: | |
| 23 |   * For example, a malicious user might upload a file with the name | |
| 24 |   * "foo.exe\0.png". This file name might pass security checks (i.e. | |
| 25 |   * checks for the extension ".png"), while, depending on the underlying | |
| 26 |   * C library, it might create a file named "foo.exe", as the NUL | |
| 27 |   * character is the string terminator in C. | |
| 28 |   */ | |
| 29 | public class InvalidFileNameException extends RuntimeException { | |
| 30 | ||
| 31 |      /** | |
| 32 |       * Serial version UID, being used, if the exception | |
| 33 |       * is serialized. | |
| 34 |       */ | |
| 35 | private static final long serialVersionUID = 7922042602454350470L; | |
| 36 | ||
| 37 |      /** | |
| 38 |       * The file name causing the exception. | |
| 39 |       */ | |
| 40 | private final String name; | |
| 41 | ||
| 42 |      /** | |
| 43 |       * Creates a new instance. | |
| 44 |       * | |
| 45 |       * @param pName The file name causing the exception. | |
| 46 |       * @param pMessage A human readable error message. | |
| 47 |       */ | |
| 48 |      public InvalidFileNameException(String pName, String pMessage) { | |
| 49 | 2 |          super(pMessage); | 
| 50 | 2 | name = pName; | 
| 51 | 2 | } | 
| 52 | ||
| 53 |      /** | |
| 54 |       * Returns the invalid file name. | |
| 55 |       * | |
| 56 |       * @return the invalid file name. | |
| 57 |       */ | |
| 58 |      public String getName() { | |
| 59 | 2 |          return name; | 
| 60 | } | |
| 61 | ||
| 62 | } |