Review

Detector:

Findbugs

Target:

project '

uberfire

' version

0.3.1

Tags:

Potential Misuse

Anomaly identified by the detector. Please review whether this anomaly corresponds to a misuse.

Finding:	finding-0
In File:	org/uberfire/server/UberfireServlet.java
In Method:	getFileContent(String)
Code with Finding:	`class UberfireServlet { private String getFileContent( final String fileName ) { try { return getTemplateContent( new BufferedInputStream( new FileInputStream( fileName ) ) ); } catch ( FileNotFoundException e ) { throw new IllegalStateException( "Template file not found.", e ); } } }`

Hit	Rank	Desc	Type	Violations
?	0	SECPTI: java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input	PATH_TRAVERSAL_IN