search

adorsys / datasafe

Secure, Encrypted and Versioned Data Storage Library
https://adorsys.github.io/datasafe/
GNU Affero General Public License v3.0
55 stars 23 forks source link

fix : path traversal for rootBucket #351

Closed AssahBismarkabah closed 1 month ago

AssahBismarkabah commented 2 months ago

I updated the StaticRoutBucket. If the resourcePath doesn't start with the bucketName, the method will now return the original path to avoid unintentional removal of later bucket name segments

sonarcloud[bot] commented 2 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

codecov[bot] commented 2 months ago

Codecov Report

Attention: Patch coverage is 75.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 86.77%. Comparing base (32d36bc) to head (b1d79e0). Report is 26 commits behind head on develop.

Files with missing lines Patch % Lines
...s/datasafe/storage/impl/s3/StaticBucketRouter.java 75.00% 0 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## develop #351 +/- ## ========================================== Coverage 86.76% 86.77% Complexity 1 1 ========================================== Files 164 164 Lines 3348 3350 +2 Branches 217 218 +1 ========================================== + Hits 2905 2907 +2 Misses 309 309 Partials 134 134 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.