Class FileUtils

java.lang.Object
com.renomad.minum.utils.FileUtils

public final class FileUtils extends Object
Helper functions for working with files.
  • Field Details

    • badFilePathPatterns

      public static final Pattern badFilePathPatterns
      These patterns can be used in path strings to access files higher in the directory structure. We disallow this, as a security precaution.
      • 1st Alternative // - This prevents going to the root directory
      • 2nd Alternative .. - prevents going up a directory
      • 3rd Alternative : - prevents certain special paths, like "C:" or "file://"
      • 4th Alternative ^/ - prevents starting with a slash, meaning the root, but allows intermediate slashes.
      • 5th Alternative ^\ - prevents starting with a backslash, meaning the root, but allows intermediate backslashes.
  • Constructor Details

  • Method Details

    • writeString

      public void writeString(Path path, String content)
      Write a string to a path on disk.

      Note: This does *not* protect against untrusted data on its own. Call safeResolve(String, String) first against the path to ensure it uses valid characters and prevent it escaping the expected directory.

    • deleteDirectoryRecursivelyIfExists

      public void deleteDirectoryRecursivelyIfExists(Path myPath)
      Deletes a directory, recursively deleting everything inside it. This is a more dangerous method than many others; take care.

      Note: This does *not* protect against untrusted data on its own. Call safeResolve(String, String) first against the path to ensure it uses valid characters and prevent it escaping the expected directory.

    • makeDirectory

      public void makeDirectory(Path directory)
      Creates a directory if it doesn't already exist.

      Note: This does *not* protect against untrusted data on its own. Call safeResolve(String, String) first against the path to ensure it uses valid characters and prevent it escaping the expected directory.

      If the directory does exist, the program will simply skip building it, and mention it in the logs.

    • readBinaryFile

      public byte[] readBinaryFile(String path)
      Read a binary file and return it as a byte array.

      Note: This does *not* protect against untrusted data on its own. Call safeResolve(String, String) first against the path to ensure it uses valid characters and prevent it escaping the expected directory.

      If there is an error, this will return an empty byte array.

    • readTextFile

      public String readTextFile(String path)
      Read a text file from the given path, return as a string.

      Note: This does *not* protect against untrusted data on its own. Call safeResolve(String, String) first against the path to ensure it uses valid characters and prevent it escaping the expected directory.

      If there is an error, this will return an empty string.

    • checkFileIsWithinDirectory

      public static void checkFileIsWithinDirectory(String path, String directoryPath)
      This method provides assurance that the file specified by the path parameter is within the directory specified by directoryPath. Use this for any code that reads from files where the user provides untrusted input.
      Throws:
      InvariantException - if the file is not within the directory
    • checkForBadFilePatterns

      public static void checkForBadFilePatterns(String path)
      Checks that the path string avoids bad patterns and meets our whitelist for acceptable characters.
      Throws:
      InvariantException - if there are any issues with the path string, such as being an empty string, containing known bad patterns from badFilePathPatterns, or including characters outside the set we allow for filenames. That set is a simple group of ASCII characters: alphanumerics, underscore, dash, period, forward slash and backslash.
    • safeResolve

      public static Path safeResolve(String parentDirectory, String path)
      This helper method ensures that the requested path is within the parent directory and uses safe characters.
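
The three checks described above (bad patterns, character whitelist, containment in the parent directory) can be sketched as follows. This is an added example, not Minum's source: the class name, method name, both regular expressions and the exception type are assumptions reconstructed from the descriptions on this page.

```java
import java.nio.file.Path;
import java.util.List;
import java.util.regex.Pattern;

/** Illustrative sketch only; names here are hypothetical, not Minum's. */
public class SafeResolveSketch {
    // Assumed regex, built from the five alternatives documented for badFilePathPatterns.
    static final Pattern BAD = Pattern.compile("//|\\.\\.|:|^/|^\\\\");
    // Assumed whitelist: alphanumerics, underscore, dash, period, forward slash, backslash.
    static final Pattern ALLOWED = Pattern.compile("[A-Za-z0-9_.\\\\/-]+");

    static Path resolveInside(String parentDirectory, String path) {
        if (path == null || path.isEmpty())
            throw new IllegalArgumentException("empty path");
        if (BAD.matcher(path).find())
            throw new IllegalArgumentException("bad pattern in: " + path);
        if (!ALLOWED.matcher(path).matches())
            throw new IllegalArgumentException("disallowed character in: " + path);
        // Defense in depth: normalize, then confirm the result is still under the parent.
        // normalize() is purely lexical and does not follow symbolic links.
        Path parent = Path.of(parentDirectory).toAbsolutePath().normalize();
        Path resolved = parent.resolve(path).normalize();
        if (!resolved.startsWith(parent))
            throw new IllegalArgumentException("escapes parent: " + path);
        return resolved;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: two acceptable paths, then one per rejection rule.
        List<String> samples = List.of("static/site.css", "a/b/report-2024.txt",
                "../secret.txt", "/etc/passwd", "C:\\Windows\\win.ini",
                "\\share\\x", "a//b", "name with space.txt", "");
        for (String s : samples) {
            try {
                System.out.println("OK      " + resolveInside("webroot", s));
            } catch (IllegalArgumentException e) {
                System.out.println("REJECT  " + e.getMessage());
            }
        }
    }
}
```

Because the containment check is lexical, a symbolic link inside the parent directory that points elsewhere is not detected by this sketch; resolving with `toRealPath()` before comparing covers that case for files that already exist.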