| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| InvalidFileNameException |
|
| 1.0;1 |
| 1 | /* | |
| 2 | * Licensed to the Apache Software Foundation (ASF) under one or more | |
| 3 | * contributor license agreements. See the NOTICE file distributed with | |
| 4 | * this work for additional information regarding copyright ownership. | |
| 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 | |
| 6 | * (the "License"); you may not use this file except in compliance with | |
| 7 | * the License. You may obtain a copy of the License at | |
| 8 | * | |
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 10 | * | |
| 11 | * Unless required by applicable law or agreed to in writing, software | |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 14 | * See the License for the specific language governing permissions and | |
| 15 | * limitations under the License. | |
| 16 | */ | |
| 17 | package org.apache.commons.fileupload; | |
| 18 | ||
| 19 | /** | |
| 20 | * This exception is thrown in case of an invalid file name. | |
| 21 | * A file name is invalid, if it contains a NUL character. | |
| 22 | * Attackers might use this to circumvent security checks: | |
| 23 | * For example, a malicious user might upload a file with the name | |
| 24 | * "foo.exe\0.png". This file name might pass security checks (i.e. | |
| 25 | * checks for the extension ".png"), while, depending on the underlying | |
| 26 | * C library, it might create a file named "foo.exe", as the NUL | |
| 27 | * character is the string terminator in C. | |
| 28 | */ | |
| 29 | public class InvalidFileNameException extends RuntimeException { | |
| 30 | ||
| 31 | /** | |
| 32 | * Serial version UID, being used, if the exception | |
| 33 | * is serialized. | |
| 34 | */ | |
| 35 | private static final long serialVersionUID = 7922042602454350470L; | |
| 36 | ||
| 37 | /** | |
| 38 | * The file name causing the exception. | |
| 39 | */ | |
| 40 | private final String name; | |
| 41 | ||
| 42 | /** | |
| 43 | * Creates a new instance. | |
| 44 | * | |
| 45 | * @param pName The file name causing the exception. | |
| 46 | * @param pMessage A human readable error message. | |
| 47 | */ | |
| 48 | public InvalidFileNameException(String pName, String pMessage) { | |
| 49 | 2 | super(pMessage); |
| 50 | 2 | name = pName; |
| 51 | 2 | } |
| 52 | ||
| 53 | /** | |
| 54 | * Returns the invalid file name. | |
| 55 | * | |
| 56 | * @return the invalid file name. | |
| 57 | */ | |
| 58 | public String getName() { | |
| 59 | 2 | return name; |
| 60 | } | |
| 61 | ||
| 62 | } |