ATLAS-4002 : Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086

f3faad54 · chaitali borole · nixonrodrigues · 7dec8f53 · f3faad54 · f3faad54
Commit f3faad54 authored Oct 22, 2020 by chaitali borole Committed by nixonrodrigues Oct 23, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

pom.xml pom.xml +1 -1

FileUtils.java ...sitory/src/main/java/org/apache/atlas/util/FileUtils.java +4 -1

No files found.
--- a/pom.xml
+++ b/pom.xml
@@ -718,7 +718,7 @@
        <!-- Apache commons -->

        <!--Apache poi and Open csv-->
-        <opencsv.version>4.6</opencsv.version>
+        <opencsv.version>5.0</opencsv.version>
        <poi.version>3.17</poi.version>
        <poi-ooxml.version>3.17</poi-ooxml.version>


--- a/repository/src/main/java/org/apache/atlas/util/FileUtils.java
+++ b/repository/src/main/java/org/apache/atlas/util/FileUtils.java
@@ -18,6 +18,7 @@
 package org.apache.atlas.util;

 import com.opencsv.CSVReader;
+import com.opencsv.exceptions.CsvValidationException;
 import org.apache.atlas.AtlasErrorCode;
 import org.apache.atlas.exception.AtlasBaseException;
 import org.apache.commons.collections.CollectionUtils;
@@ -70,7 +71,7 @@ public class FileUtils {
        return ret;
    }

-    public static List<String[]> readCSV(InputStream inputStream) throws IOException {
+    public static List<String[]> readCSV(InputStream inputStream) throws IOException, AtlasBaseException {
        List<String[]> ret = new ArrayList<>();

        try (CSVReader csvReader = new CSVReader(new InputStreamReader(inputStream))) {
@@ -87,6 +88,8 @@ public class FileUtils {
                    ret.add(data);
                }
            }
+        } catch (CsvValidationException e) {
+            throw new AtlasBaseException(AtlasErrorCode.NO_DATA_FOUND, e);
        }

        return ret;