From deb1f3de2e7d05f77536fbfae00393411b254017 Mon Sep 17 00:00:00 2001 From: Julien HENRY Date: Mon, 20 Jun 2016 17:28:07 +0200 Subject: [PATCH] SONARJNKNS-257 Fix encoding when masking passwords --- .../plugins/sonar/SonarBuildWrapper.java | 36 +++++++++---------- .../utils/MaskPasswordsOutputStream.java | 11 +++--- .../utils/MaskPasswordsOutputStreamTest.java | 4 +-- 3 files changed, 25 insertions(+), 26 deletions(-) diff --git a/src/main/java/hudson/plugins/sonar/SonarBuildWrapper.java b/src/main/java/hudson/plugins/sonar/SonarBuildWrapper.java index 532d369f..fe058e80 100644 --- a/src/main/java/hudson/plugins/sonar/SonarBuildWrapper.java +++ b/src/main/java/hudson/plugins/sonar/SonarBuildWrapper.java @@ -33,29 +33,21 @@ */ package hudson.plugins.sonar; -import hudson.util.ArgumentListBuilder; - -import hudson.plugins.sonar.action.SonarMarkerAction; -import hudson.plugins.sonar.utils.SonarUtils; -import hudson.model.Action; -import jenkins.model.Jenkins; -import org.apache.commons.lang.StringUtils; -import hudson.plugins.sonar.utils.MaskPasswordsOutputStream; -import hudson.plugins.sonar.utils.SQServerVersions; import hudson.EnvVars; -import hudson.plugins.sonar.utils.Logger; - -import javax.annotation.Nullable; - -import org.kohsuke.stapler.DataBoundConstructor; import hudson.Extension; import hudson.Launcher; -import hudson.model.BuildListener; import hudson.model.AbstractBuild; import hudson.model.AbstractProject; +import hudson.model.Action; +import hudson.model.BuildListener; +import hudson.plugins.sonar.action.SonarMarkerAction; +import hudson.plugins.sonar.utils.Logger; +import hudson.plugins.sonar.utils.MaskPasswordsOutputStream; +import hudson.plugins.sonar.utils.SQServerVersions; +import hudson.plugins.sonar.utils.SonarUtils; import hudson.tasks.BuildWrapper; import hudson.tasks.BuildWrapperDescriptor; - +import hudson.util.ArgumentListBuilder; import java.io.IOException; import java.io.OutputStream; import java.io.PrintStream; @@ -65,6 +57,10 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import javax.annotation.Nullable; +import jenkins.model.Jenkins; +import org.apache.commons.lang.StringUtils; +import org.kohsuke.stapler.DataBoundConstructor; public class SonarBuildWrapper extends BuildWrapper { private static final String DEFAULT_SONAR = "sonar"; @@ -89,7 +85,7 @@ public OutputStream decorateLogger(AbstractBuild build, OutputStream outputStrea Logger.LOG.info(Messages.SonarBuildWrapper_MaskingPasswords()); - List passwords = new ArrayList(); + List passwords = new ArrayList<>(); if (!StringUtils.isBlank(inst.getDatabasePassword())) { passwords.add(inst.getDatabasePassword()); @@ -101,7 +97,7 @@ public OutputStream decorateLogger(AbstractBuild build, OutputStream outputStrea passwords.add(inst.getServerAuthenticationToken()); } - return new MaskPasswordsOutputStream(outputStream, passwords); + return new MaskPasswordsOutputStream(outputStream, build.getCharset(), passwords); } @Override @@ -174,7 +170,7 @@ public void buildEnvVars(Map env) { Map sonarEnv = createVars(installation); // resolve variables against each other - Map sonarEnvResolved = new HashMap(sonarEnv); + Map sonarEnvResolved = new HashMap<>(sonarEnv); EnvVars.resolve(sonarEnvResolved); for (String k : sonarEnv.keySet()) { @@ -196,7 +192,7 @@ public boolean tearDown(AbstractBuild build, BuildListener listener) throws IOEx } private Map createVars(SonarInstallation inst) { - Map map = new HashMap(); + Map map = new HashMap<>(); map.put("SONAR_CONFIG_NAME", inst.getName()); map.put("SONAR_HOST_URL", getOrDefault(inst.getServerUrl(), "http://localhost:9000")); diff --git a/src/main/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStream.java b/src/main/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStream.java index 5ea9c243..477a8e71 100644 --- a/src/main/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStream.java +++ b/src/main/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStream.java @@ -36,7 +36,8 @@ import hudson.console.LineTransformationOutputStream; import java.io.IOException; import java.io.OutputStream; -import java.nio.charset.StandardCharsets; +import java.nio.ByteBuffer; +import java.nio.charset.Charset; import java.util.Collection; import java.util.regex.Pattern; import org.apache.commons.lang.StringUtils; @@ -49,10 +50,12 @@ public class MaskPasswordsOutputStream extends LineTransformationOutputStream { private static final String URL_IN_LOGS = "ANALYSIS SUCCESSFUL, you can browse "; private final OutputStream logger; private final Pattern passwordsAsPattern; + private final Charset charset; - public MaskPasswordsOutputStream(OutputStream logger, Collection passwords) { + public MaskPasswordsOutputStream(OutputStream logger, Charset charset, Collection passwords) { this.logger = logger; + this.charset = charset; if (passwords != null && !passwords.isEmpty()) { @@ -87,11 +90,11 @@ public MaskPasswordsOutputStream(OutputStream logger, Collection passwor @Override protected void eol(byte[] bytes, int len) throws IOException { - String line = new String(bytes, 0, len, StandardCharsets.UTF_8); + String line = charset.decode(ByteBuffer.wrap(bytes, 0, len)).toString(); if (passwordsAsPattern != null && !line.contains(URL_IN_LOGS)) { line = passwordsAsPattern.matcher(line).replaceAll(REPLACEMENT); } - logger.write(line.getBytes(StandardCharsets.UTF_8)); + logger.write(line.getBytes(charset)); } @Override diff --git a/src/test/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStreamTest.java b/src/test/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStreamTest.java index a2f9a772..200d0ef4 100644 --- a/src/test/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStreamTest.java +++ b/src/test/java/hudson/plugins/sonar/utils/MaskPasswordsOutputStreamTest.java @@ -39,9 +39,9 @@ import java.io.OutputStreamWriter; import java.nio.charset.StandardCharsets; import java.util.Arrays; +import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; -import org.junit.Test; public class MaskPasswordsOutputStreamTest { private ByteArrayOutputStream os; @@ -77,7 +77,7 @@ public void dontMaskUrl() throws IOException { private BufferedWriter getWriter(String... passwords) { os = new ByteArrayOutputStream(); - MaskPasswordsOutputStream filteredOs = new MaskPasswordsOutputStream(os, Arrays.asList(passwords)); + MaskPasswordsOutputStream filteredOs = new MaskPasswordsOutputStream(os, StandardCharsets.UTF_8, Arrays.asList(passwords)); return new BufferedWriter(new OutputStreamWriter(filteredOs)); }