This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release24.09
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release24.09 by this push:
new 4ec432a164 Fixed: PDF-Check: Just delete unsafe PDF files (OFBIZ-13190)
4ec432a164 is described below
commit 4ec432a1645cf744539259d259fb4262594a0212
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Fri Dec 6 11:18:48 2024 +0100
Fixed: PDF-Check: Just delete unsafe PDF files (OFBIZ-13190)
At first I planned to change the implementation to just delete the PDF file
within isValidPdfFile if the PDF's safeState is false. Then I found out
that the
file deletion already happens withn isValidFile (deleteBadFile) -
hence there is no need to delete the invalid file within the PDF check
itself.
Thanks: Sixty One
---
.../security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java | 2 --
1 file changed, 2 deletions(-)
diff --git
a/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
b/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
index 23b54fb617..70c7a81e69 100644
---
a/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
+++
b/framework/security/src/main/java/org/apache/ofbiz/security/SecuredUpload.java
@@ -586,8 +586,6 @@ public class SecuredUpload {
+ "For security reason it's not accepted as a such file",
MODULE);
}
- file = new File(fileName);
- file.delete();
return safeState;
}
