From 734fff5618c15ae0798363265eb611fe21b1d9de Mon Sep 17 00:00:00 2001 From: "pixeebot[bot]" <23113631+pixeebot@users.noreply.github.com> Date: Fri, 2 Feb 2024 00:15:46 +0000 Subject: [PATCH] Modernize and secure temp file creation --- .../software/SPDF/controller/api/PdfOverlayController.java | 3 ++- .../software/SPDF/controller/api/misc/StampController.java | 3 ++- .../SPDF/controller/api/security/WatermarkController.java | 3 ++- src/main/java/stirling/software/SPDF/utils/GeneralUtils.java | 2 +- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/main/java/stirling/software/SPDF/controller/api/PdfOverlayController.java b/src/main/java/stirling/software/SPDF/controller/api/PdfOverlayController.java index ab96d01e..f9938a39 100644 --- a/src/main/java/stirling/software/SPDF/controller/api/PdfOverlayController.java +++ b/src/main/java/stirling/software/SPDF/controller/api/PdfOverlayController.java @@ -4,6 +4,7 @@ import io.github.pixee.security.Filenames; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.IOException; +import java.nio.file.Files; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -136,7 +137,7 @@ public class PdfOverlayController { try (PDDocument overlayPdf = Loader.loadPDF(overlayFiles[overlayFileIndex])) { PDDocument singlePageDocument = new PDDocument(); singlePageDocument.addPage(overlayPdf.getPage(pageCountInCurrentOverlay)); - File tempFile = File.createTempFile("overlay-page-", ".pdf"); + File tempFile = Files.createTempFile("overlay-page-", ".pdf").toFile(); singlePageDocument.save(tempFile); singlePageDocument.close(); diff --git a/src/main/java/stirling/software/SPDF/controller/api/misc/StampController.java b/src/main/java/stirling/software/SPDF/controller/api/misc/StampController.java index 83519094..9a01cf4d 100644 --- a/src/main/java/stirling/software/SPDF/controller/api/misc/StampController.java +++ b/src/main/java/stirling/software/SPDF/controller/api/misc/StampController.java @@ -7,6 +7,7 @@ import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.nio.file.Files; import javax.imageio.ImageIO; @@ -169,7 +170,7 @@ public class StampController { if (!resourceDir.equals("")) { ClassPathResource classPathResource = new ClassPathResource(resourceDir); String fileExtension = resourceDir.substring(resourceDir.lastIndexOf(".")); - File tempFile = File.createTempFile("NotoSansFont", fileExtension); + File tempFile = Files.createTempFile("NotoSansFont", fileExtension).toFile(); try (InputStream is = classPathResource.getInputStream(); FileOutputStream os = new FileOutputStream(tempFile)) { IOUtils.copy(is, os); diff --git a/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java b/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java index f1d984fa..469f32be 100644 --- a/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java +++ b/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java @@ -7,6 +7,7 @@ import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.nio.file.Files; import javax.imageio.ImageIO; @@ -143,7 +144,7 @@ public class WatermarkController { if (!resourceDir.equals("")) { ClassPathResource classPathResource = new ClassPathResource(resourceDir); String fileExtension = resourceDir.substring(resourceDir.lastIndexOf(".")); - File tempFile = File.createTempFile("NotoSansFont", fileExtension); + File tempFile = Files.createTempFile("NotoSansFont", fileExtension).toFile(); try (InputStream is = classPathResource.getInputStream(); FileOutputStream os = new FileOutputStream(tempFile)) { IOUtils.copy(is, os); diff --git a/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java b/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java index 1b0c315a..7b6905db 100644 --- a/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java +++ b/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java @@ -22,7 +22,7 @@ import org.springframework.web.multipart.MultipartFile; public class GeneralUtils { public static File convertMultipartFileToFile(MultipartFile multipartFile) throws IOException { - File tempFile = File.createTempFile("temp", null); + File tempFile = Files.createTempFile("temp", null).toFile(); try (FileOutputStream os = new FileOutputStream(tempFile)) { os.write(multipartFile.getBytes()); }