Project Report: fawkez

Packagesummary org.jcoderz.phoenix.servlet

org.jcoderz.phoenix.servlet.Base64DecoderServlet

LineHitsNoteSource
1  /*
2   * $Id: Base64DecoderServlet.java 1011 2008-06-16 17:57:36Z amandel $
3   *
4   * Copyright 2006, The jCoderZ.org Project. All rights reserved.
5   *
6   * Redistribution and use in source and binary forms, with or without
7   * modification, are permitted provided that the following conditions are
8   * met:
9   *
10   *    * Redistributions of source code must retain the above copyright
11   *      notice, this list of conditions and the following disclaimer.
12   *    * Redistributions in binary form must reproduce the above
13   *      copyright notice, this list of conditions and the following
14   *      disclaimer in the documentation and/or other materials
15   *      provided with the distribution.
16   *    * Neither the name of the jCoderZ.org Project nor the names of
17   *      its contributors may be used to endorse or promote products
18   *      derived from this software without specific prior written
19   *      permission.
20   *
21   * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND
22   * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24   * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS AND CONTRIBUTORS
25   * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28   * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29   * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30   * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32   */
33  package org.jcoderz.phoenix.servlet;
34  
35  import java.io.IOException;
36  import java.io.PrintWriter;
37  
38  import javax.servlet.http.HttpServlet;
39  import javax.servlet.http.HttpServletRequest;
40  import javax.servlet.http.HttpServletResponse;
41  
42  import org.jcoderz.commons.util.Base64Util;
43  import org.jcoderz.commons.util.Constants;
44  import org.jcoderz.commons.util.HexUtil;
45  import org.jcoderz.commons.util.XmlUtil;
46  
47  
48  /**
49   * Simple servlet to perform base 64 decoding.
50   *
51   * @web.servlet name="base64"
52   * @web.servlet-mapping url-pattern="/base64"
53   *
54   * @author Andreas Mandel
55   */
560 public class Base64DecoderServlet
57        extends HttpServlet
58  {
59     private static final long serialVersionUID = 1L;
60     private static final String ENCODED_PARAMETER_NAME = "encoded";
61  
62     /** {@inheritDoc} */
63     protected void doPost (HttpServletRequest request,
64           HttpServletResponse response)
65           throws IOException
66  
67     {
680       doGet(request, response);
690    }
70  
71     /** {@inheritDoc} */
72     protected void doGet (HttpServletRequest request,
73           HttpServletResponse response)
74           throws IOException
75     {
760       final PrintWriter out = response.getWriter();
770       final String encodedData = request.getParameter(ENCODED_PARAMETER_NAME);
780       final byte[] data = Base64Util.decode(encodedData);
79  
800       response.setContentType("text/html");
810       out.println("<html><head><title>Simple base64 decoder</title>");
820       out.println("</head>");
830       out.println("<body>");
840       out.println("<form method='post'>");
850       out.println("<textarea tabindex='1' name='" + ENCODED_PARAMETER_NAME
86              + "' rows='5' cols='100' wrap='soft'>");
870(1)      if (encodedData != null && data == null)
88        {
890          out.println(XmlUtil.escape(encodedData));
90        }
910       out.println("</textarea>");
920       out.println("<input tabindex='2' type='submit' value='Decode' "
93              + "name='Decode' accesskey='d' title='Decode message [alt-d]'/>");
940       out.println("</form>");
95  
960       if (encodedData != null)
97        {
980          if (data != null)
99           {
1000             dumpResult(out, data);
101           }
102           else
103           {
1040(2)            out.println("<hr />");
1050             out.println("<h2>Invalid base64 data!</h2>");
1060             out.println("<hr />");
107           }
108        }
109  
1100       out.println("</body>");
1110       out.println("</html>");
1120    }
113  
114     private void dumpResult (PrintWriter out, byte[] data)
115           throws IOException
116     {
1170       out.println("<hr />");
1180       final String xml
119            = XmlUtil.formatXml(new String(data, Constants.ENCODING_UTF8));
1200       if (xml != null)
121        {
1220          out.println("<pre>");
1230          out.println(XmlUtil.escape(xml));
1240          out.println("</pre>");
1250          out.println("<hr />");
126        }
127  
128        // hexdump...
1290       final String hexDump = HexUtil.dump(data);
1300       out.println("<pre>");
1310       out.println(XmlUtil.escape(hexDump));
1320       out.println("</pre>");
1330       out.println("<hr />");
1340    }
135  
136     /** {@inheritDoc} */
137     public String getServletInfo ()
138     {
1390       return "Simple base64 decoder servlet.";
140     }
141  
142  }

Findings in this File

i (1) 87 : 0 Redundant nullcheck of data, which is known to be non-null in org.jcoderz.phoenix.servlet.Base64DecoderServlet.doGet(HttpServletRequest, HttpServletResponse)
i (2) 104 : 25 The String literal "<hr />" appears 5 times in this file; the first occurrence is on line 104