Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
InvalidFileNameException |
|
| 1.0;1 |
1 | /* | |
2 | * Licensed to the Apache Software Foundation (ASF) under one or more | |
3 | * contributor license agreements. See the NOTICE file distributed with | |
4 | * this work for additional information regarding copyright ownership. | |
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 | |
6 | * (the "License"); you may not use this file except in compliance with | |
7 | * the License. You may obtain a copy of the License at | |
8 | * | |
9 | * http://www.apache.org/licenses/LICENSE-2.0 | |
10 | * | |
11 | * Unless required by applicable law or agreed to in writing, software | |
12 | * distributed under the License is distributed on an "AS IS" BASIS, | |
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
14 | * See the License for the specific language governing permissions and | |
15 | * limitations under the License. | |
16 | */ | |
17 | package org.apache.commons.fileupload; | |
18 | ||
19 | /** | |
20 | * This exception is thrown in case of an invalid file name. | |
21 | * A file name is invalid, if it contains a NUL character. | |
22 | * Attackers might use this to circumvent security checks: | |
23 | * For example, a malicious user might upload a file with the name | |
24 | * "foo.exe\0.png". This file name might pass security checks (i.e. | |
25 | * checks for the extension ".png"), while, depending on the underlying | |
26 | * C library, it might create a file named "foo.exe", as the NUL | |
27 | * character is the string terminator in C. | |
28 | */ | |
29 | public class InvalidFileNameException extends RuntimeException { | |
30 | ||
31 | /** | |
32 | * Serial version UID, being used, if the exception | |
33 | * is serialized. | |
34 | */ | |
35 | private static final long serialVersionUID = 7922042602454350470L; | |
36 | ||
37 | /** | |
38 | * The file name causing the exception. | |
39 | */ | |
40 | private final String name; | |
41 | ||
42 | /** | |
43 | * Creates a new instance. | |
44 | * | |
45 | * @param pName The file name causing the exception. | |
46 | * @param pMessage A human readable error message. | |
47 | */ | |
48 | public InvalidFileNameException(String pName, String pMessage) { | |
49 | 2 | super(pMessage); |
50 | 2 | name = pName; |
51 | 2 | } |
52 | ||
53 | /** | |
54 | * Returns the invalid file name. | |
55 | * | |
56 | * @return the invalid file name. | |
57 | */ | |
58 | public String getName() { | |
59 | 2 | return name; |
60 | } | |
61 | ||
62 | } |