This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new c32f41fc1b Fixed: PDF-Check: Just delete unsafe PDF files (OFBIZ-13190)
c32f41fc1b is described below
commit c32f41fc1b82003b0657f0e55de186e91d15ed31
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Fri Dec 6 11:18:48 2024 +0100
Fixed: PDF-Check: Just delete unsafe PDF files (OFBIZ-13190)
At first I planned to change the implementation to just delete the PDF file
within isValidPdfFile if the PDF's safeState is false. Then I found out
that the
file deletion already happens withn isValidFile (deleteBadFile) -
hence there is no need to delete the invalid file within the PDF check
itself.
Thanks: Sixty One
---
.../security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java | 2 --
1 file changed, 2 deletions(-)
diff --git
a/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
b/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
index c4fd73fc05..474b14cbfd 100644
---
a/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
+++
b/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
@@ -589,8 +589,6 @@ public class SecuredUpload {
+ "For security reason it's not accepted as a such file",
MODULE);
}
- file = new File(fileName);
- file.delete();
return safeState;
}
