You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@atlas.apache.org by ni...@apache.org on 2020/10/23 14:32:34 UTC

[atlas] 01/05: ATLAS-4002 : Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086

This is an automated email from the ASF dual-hosted git repository.

nixon pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/atlas.git

commit f3faad547380ac786427d84c95244de502781360
Author: chaitali borole <ch...@cloudera.com>
AuthorDate: Thu Oct 22 15:49:53 2020 +0530

    ATLAS-4002 : Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086
---
 pom.xml                                                       | 2 +-
 repository/src/main/java/org/apache/atlas/util/FileUtils.java | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 91fd593..a0e2943 100644
--- a/pom.xml
+++ b/pom.xml
@@ -718,7 +718,7 @@
         <!-- Apache commons -->
 
         <!--Apache poi and Open csv-->
-        <opencsv.version>4.6</opencsv.version>
+        <opencsv.version>5.0</opencsv.version>
         <poi.version>3.17</poi.version>
         <poi-ooxml.version>3.17</poi-ooxml.version>
 
diff --git a/repository/src/main/java/org/apache/atlas/util/FileUtils.java b/repository/src/main/java/org/apache/atlas/util/FileUtils.java
index 66ade26..e8061d7 100644
--- a/repository/src/main/java/org/apache/atlas/util/FileUtils.java
+++ b/repository/src/main/java/org/apache/atlas/util/FileUtils.java
@@ -18,6 +18,7 @@
 package org.apache.atlas.util;
 
 import com.opencsv.CSVReader;
+import com.opencsv.exceptions.CsvValidationException;
 import org.apache.atlas.AtlasErrorCode;
 import org.apache.atlas.exception.AtlasBaseException;
 import org.apache.commons.collections.CollectionUtils;
@@ -70,7 +71,7 @@ public class FileUtils {
         return ret;
     }
 
-    public static List<String[]> readCSV(InputStream inputStream) throws IOException {
+    public static List<String[]> readCSV(InputStream inputStream) throws IOException, AtlasBaseException {
         List<String[]> ret = new ArrayList<>();
 
         try (CSVReader csvReader = new CSVReader(new InputStreamReader(inputStream))) {
@@ -87,6 +88,8 @@ public class FileUtils {
                     ret.add(data);
                 }
             }
+        } catch (CsvValidationException e) {
+            throw new AtlasBaseException(AtlasErrorCode.NO_DATA_FOUND, e);
         }
 
         return ret;