aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-plugin-api-impl
diff options
context:
space:
mode:
authorZipeng WU <zipeng.wu@sonarsource.com>2021-07-01 15:24:24 +0200
committersonartech <sonartech@sonarsource.com>2021-07-01 20:03:19 +0000
commit79ecdf7bef85c00ae5b9271ef8d7338306d72881 (patch)
tree35e2d8b6c08848c9e666cdb708b6401724605723 /sonar-plugin-api-impl
parenta14676204f59098a9e8983da4ecc21bbaf81ac14 (diff)
downloadsonarqube-79ecdf7bef85c00ae5b9271ef8d7338306d72881.tar.gz
sonarqube-79ecdf7bef85c00ae5b9271ef8d7338306d72881.zip
SONAR-13513 Request parameter should not allow NUL character
Diffstat (limited to 'sonar-plugin-api-impl')
-rw-r--r--sonar-plugin-api-impl/src/main/java/org/sonar/api/impl/ws/ValidatingRequest.java6
1 files changed, 5 insertions, 1 deletions
diff --git a/sonar-plugin-api-impl/src/main/java/org/sonar/api/impl/ws/ValidatingRequest.java b/sonar-plugin-api-impl/src/main/java/org/sonar/api/impl/ws/ValidatingRequest.java
index 033b95f8fb7..cc83b0cf58b 100644
--- a/sonar-plugin-api-impl/src/main/java/org/sonar/api/impl/ws/ValidatingRequest.java
+++ b/sonar-plugin-api-impl/src/main/java/org/sonar/api/impl/ws/ValidatingRequest.java
@@ -153,7 +153,11 @@ public abstract class ValidatingRequest extends Request {
private String readParam(String key, @Nullable WebService.Param definition) {
checkArgument(definition != null, "BUG - parameter '%s' is undefined for action '%s'", key, action.key());
String deprecatedKey = definition.deprecatedKey();
- return deprecatedKey != null ? defaultString(readParam(deprecatedKey), readParam(key)) : readParam(key);
+ String param = deprecatedKey != null ? defaultString(readParam(deprecatedKey), readParam(key)) : readParam(key);
+ if (param != null && param.contains("\0")) {
+ throw new IllegalArgumentException("Request parameters are not allowed to contain NUL character");
+ }
+ return param;
}
private List<String> readMultiParamOrDefaultValue(String key, @Nullable WebService.Param definition) {