Add compliant and noncompliant examples of java/unrestricted-file-upload@v1.0

karmakri · karmakri · commit 1fe57aa9ae24 · 2023-12-14T20:07:33.000+05:30
diff --git a/src/java/detectors/unrestricted_file_upload/UnrestrictedFileUpload.java b/src/java/detectors/unrestricted_file_upload/UnrestrictedFileUpload.java
@@ -12,11 +12,14 @@
 import java.util.HashMap;
 import org.springframework.util.StringUtils;
 import javax.servlet.ServletException;
+import javax.servlet.http.Part;
+import java.nio.file.Files;
+import java.nio.file.StandardCopyOption;
 
 public class UnrestrictedFileUpload {
 
     // {fact rule=unrestricted-file-upload@v1.0 defects=1}
-    public void unrestrictedFileUploadNoncompliant(HttpServletRequest request) {
+    public void unrestrictedFileUploadNoncompliant(HttpServletRequest request, HttpServletResponse response) {
         Part filePart = request.getPart("fileToUpload");
         InputStream fileInputStream = filePart.getInputStream();
         // Noncompliant: the uploaded file can have any extension.
