fix: SpotBugs扫描分析(四):修复文件操作结果不可忽略、随机数生成使用SecureRandom类、BasicResultVO潜在反序列化问题

pull/66/head
xiaoxiamo 6 months ago
parent a486063b7f
commit b0e49b89be

@ -6,6 +6,8 @@ import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.ToString;
import java.io.Serializable;
/**
* @author zzb
* @since 2021.11.17
@ -15,7 +17,7 @@ import lombok.ToString;
@ToString(callSuper = true)
@AllArgsConstructor
@NoArgsConstructor
public final class BasicResultVO<T> {
public final class BasicResultVO<T> implements Serializable {
/**
*

@ -24,10 +24,10 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Random;
/**
*
@ -44,6 +44,11 @@ public class SmsHandler extends BaseHandler{
private static final Integer AUTO_FLOW_RULE = 0;
private static final String FLOW_KEY = "msgTypeSmsConfig";
private static final String FLOW_KEY_PREFIX = "message_type_";
/**
*
*/
private static final SecureRandom secureRandom = new SecureRandom();
@Autowired
private SmsRecordDao smsRecordDao;
@Autowired
@ -99,7 +104,7 @@ public class SmsHandler extends BaseHandler{
}
// 生成一个随机数[1,total],看落到哪个区间
int index = new Random().nextInt(total) + 1;
int index = secureRandom.nextInt(total) + 1;
MessageTypeSmsConfig supplier = null;
MessageTypeSmsConfig supplierBack = null;

@ -33,7 +33,6 @@ public class AustinFileUtils {
* @return
*/
public static File getRemoteUrl2File(String path, String remoteUrl) {
InputStream inputStream = null;
FileOutputStream fileOutputStream = null;
try {
@ -41,7 +40,11 @@ public class AustinFileUtils {
File file = new File(path, url.getPath());
inputStream = url.openStream();
if (!file.exists()) {
file.getParentFile().mkdirs();
boolean res = file.getParentFile().mkdirs();
if (!res) {
log.error("AustinFileUtils#getRemoteUrl2File Failed to create folder, path:{}, remoteUrl:{}", path, remoteUrl);
return null;
}
fileOutputStream = new FileOutputStream(file);
IoUtil.copy(inputStream, fileOutputStream);
}
@ -49,20 +52,8 @@ public class AustinFileUtils {
} catch (Exception e) {
log.error("AustinFileUtils#getRemoteUrl2File fail:{},remoteUrl:{}", Throwables.getStackTraceAsString(e), remoteUrl);
} finally {
if (Objects.nonNull(inputStream)) {
try {
inputStream.close();
} catch (IOException e) {
log.error("close#inputStream fail:{}", Throwables.getStackTraceAsString(e));
}
}
if (Objects.nonNull(fileOutputStream)) {
try {
fileOutputStream.close();
} catch (IOException e) {
log.error("close#fileOutputStream fail:{}", Throwables.getStackTraceAsString(e));
}
}
closeQuietly(inputStream);
closeQuietly(fileOutputStream);
}
return null;
}
@ -85,4 +76,33 @@ public class AustinFileUtils {
return files;
}
/**
* InputStream
*
* @param inputStream
*/
private static void closeQuietly(InputStream inputStream) {
if (Objects.nonNull(inputStream)) {
try {
inputStream.close();
} catch (IOException e) {
log.error("close#inputStream fail:{}", Throwables.getStackTraceAsString(e));
}
}
}
/**
* FileOutputStream
*
* @param fileOutputStream
*/
private static void closeQuietly(FileOutputStream fileOutputStream) {
if (Objects.nonNull(fileOutputStream)) {
try {
fileOutputStream.close();
} catch (IOException e) {
log.error("close#fileOutputStream fail:{}", Throwables.getStackTraceAsString(e));
}
}
}
}

@ -201,7 +201,11 @@ public class MessageTemplateController {
try {
File localFile = new File(filePath);
if (!localFile.exists()) {
localFile.mkdirs();
boolean res = localFile.mkdirs();
if (!res) {
log.error("MessageTemplateController#upload fail! Failed to create folder.");
throw new CommonException(RespStatusEnum.SERVICE_ERROR);
}
}
file.transferTo(localFile);
} catch (Exception e) {

Loading…
Cancel
Save