From 80b3e1e3d01dbb68a0547826ad7105b6179bf71c Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 01/10] Patched WebContent/swagger/lib/marked.js --- WebContent/swagger/lib/marked.js | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/WebContent/swagger/lib/marked.js b/WebContent/swagger/lib/marked.js index c2a678d..63c4287 100644 --- a/WebContent/swagger/lib/marked.js +++ b/WebContent/swagger/lib/marked.js @@ -308,7 +308,8 @@ Lexer.prototype.token = function(src, top, bq) { if (~item.indexOf('\n ')) { space -= item.length; item = !this.options.pedantic - ? item.replace(new RegExp('^ {1,' + space + '}', 'gm'), '') + ? item.replace(/^( {1,10})/gm, '') + : item.replace(/^ {1,4}/gm, ''); } @@ -1095,9 +1096,9 @@ function unescape(html) { }); } -function replace(regex, opt) { - regex = regex.source; - opt = opt || ''; +function replace() { + const regex = someHardcodedPattern.source; + const opt = someHardcodedOpt || ''; return function self(name, val) { if (!name) return new RegExp(regex, opt); val = val.source || val; @@ -1107,6 +1108,7 @@ function replace(regex, opt) { }; } + function noop() {} noop.exec = noop; From 6dd7569579cbe9b1fc0d5ae047cf0728178e1402 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 02/10] Patched WebContent/static/inside_community.htm --- WebContent/static/inside_community.htm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WebContent/static/inside_community.htm b/WebContent/static/inside_community.htm index a10d665..d3bfaa4 100644 --- a/WebContent/static/inside_community.htm +++ b/WebContent/static/inside_community.htm @@ -12,6 +12,6 @@

Summer 2006

The 2006 community efforts of Altoro Mutual and our employees is quite impressive including charitable contributions, volunteerism, diversity initiatives, and other support. View the summary report (PDF, 800KB).

Adobe Reader
-Download free Adobe Reader.

+Download free Adobe Reader.

- \ No newline at end of file + From 83199dd6fe36ded225d1fb57ba5802fe1e94b38d Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 03/10] Patched WebContent/high_yield_investments.htm --- WebContent/high_yield_investments.htm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WebContent/high_yield_investments.htm b/WebContent/high_yield_investments.htm index 715a931..4a8a5a2 100644 --- a/WebContent/high_yield_investments.htm +++ b/WebContent/high_yield_investments.htm @@ -124,7 +124,7 @@

High Yield Investments

if any, to third party products and/or websites are purely coincidental. This site is provided "as is" without warranty of any kind, either express or implied. Watchfire does not assume any risk in relation to your use of this website. For additional Terms of Use, - please go to http://www.watchfire.com/statements/terms.aspx.

+ please go to https://www.watchfire.com/statements/terms.aspx.

Copyright © 2006, Watchfire Corporation, All rights reserved. From 585b3a3c11df7fbd1b43f2068a59c2dafac66f24 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 04/10] Patched WebContent/static/inside_about.htm --- WebContent/static/inside_about.htm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WebContent/static/inside_about.htm b/WebContent/static/inside_about.htm index cd5517e..345c400 100644 --- a/WebContent/static/inside_about.htm +++ b/WebContent/static/inside_about.htm @@ -9,7 +9,7 @@

About Altoro Mutual

@@ -22,4 +22,4 @@

About Altoro Mutual

Altoro Mutual offers a broad range of commercial, private, retail and mortgage banking services to small- and middle-market businesses and individuals. - \ No newline at end of file + From 5cfc114a749091ef580d48be6fab391e75418b96 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 05/10] Patched src/com/ibm/security/appscan/altoromutual/util/OperationsUtil.java --- .../ibm/security/appscan/altoromutual/util/OperationsUtil.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/com/ibm/security/appscan/altoromutual/util/OperationsUtil.java b/src/com/ibm/security/appscan/altoromutual/util/OperationsUtil.java index 5629335..5093b6b 100644 --- a/src/com/ibm/security/appscan/altoromutual/util/OperationsUtil.java +++ b/src/com/ibm/security/appscan/altoromutual/util/OperationsUtil.java @@ -145,7 +145,7 @@ public static User getUser(HttpServletRequest request) throws SQLException{ public static String makeRandomString() { byte[] array = new byte[7]; // length is bounded by 7 - new Random().nextBytes(array); + new SecureRandom().nextBytes(array); String generatedString = new String(array, Charset.forName("UTF-8")); return generatedString; From 0e76a5a3cab9639950cb734c4cd263aef0428c65 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 06/10] Patched src/com/ibm/security/appscan/altoromutual/util/DBUtil.java --- .../appscan/altoromutual/util/DBUtil.java | 239 +++++++++++------- 1 file changed, 142 insertions(+), 97 deletions(-) diff --git a/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java b/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java index 3031aa8..f0ec31b 100644 --- a/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java +++ b/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java @@ -214,12 +214,13 @@ public static boolean isValidUser(String user, String password) throws SQLExcept return false; Connection connection = getConnection(); - Statement statement = connection.createStatement(); + PreparedStatement preparedStatement = connection.prepareStatement("SELECT COUNT(*) FROM PEOPLE WHERE USER_ID = ? AND PASSWORD = ?"); + preparedStatement.setString(1, user); + preparedStatement.setString(2, password); - ResultSet resultSet =statement.executeQuery("SELECT COUNT(*)FROM PEOPLE WHERE USER_ID = '"+ user +"' AND PASSWORD='" + password + "'"); /* BAD - user input should always be sanitized */ + ResultSet resultSet = preparedStatement.executeQuery(); if (resultSet.next()){ - if (resultSet.getInt(1) > 0) return true; } @@ -238,8 +239,10 @@ public static User getUserInfo(String username) throws SQLException{ return null; Connection connection = getConnection(); - Statement statement = connection.createStatement(); - ResultSet resultSet =statement.executeQuery("SELECT FIRST_NAME,LAST_NAME,ROLE FROM PEOPLE WHERE USER_ID = '"+ username +"' "); /* BAD - user input should always be sanitized */ + String query = "SELECT FIRST_NAME,LAST_NAME,ROLE FROM PEOPLE WHERE USER_ID = ?"; + PreparedStatement preparedStatement = connection.prepareStatement(query); + preparedStatement.setString(1, username); + ResultSet resultSet = preparedStatement.executeQuery(); String firstName = null; String lastName = null; @@ -272,8 +275,9 @@ public static Account[] getAccounts(String username) throws SQLException{ return null; Connection connection = getConnection(); - Statement statement = connection.createStatement(); - ResultSet resultSet =statement.executeQuery("SELECT ACCOUNT_ID, ACCOUNT_NAME, BALANCE FROM ACCOUNTS WHERE USERID = '"+ username +"' "); /* BAD - user input should always be sanitized */ + PreparedStatement preparedStatement = connection.prepareStatement("SELECT ACCOUNT_ID, ACCOUNT_NAME, BALANCE FROM ACCOUNTS WHERE USERID = ?"); + preparedStatement.setString(1, username); + ResultSet resultSet = preparedStatement.executeQuery(); ArrayList accounts = new ArrayList(3); while (resultSet.next()){ @@ -296,66 +300,80 @@ public static Account[] getAccounts(String username) throws SQLException{ * @return */ public static String transferFunds(String username, long creditActId, long debitActId, double amount) { - - try { - - User user = getUserInfo(username); - - Connection connection = getConnection(); - Statement statement = connection.createStatement(); - - Account debitAccount = Account.getAccount(debitActId); - Account creditAccount = Account.getAccount(creditActId); - - if (debitAccount == null){ - return "Originating account is invalid"; - } - - if (creditAccount == null) - return "Destination account is invalid"; - - java.sql.Timestamp date = new Timestamp(new java.util.Date().getTime()); - - //in real life we would want to do these updates and transaction entry creation - //as one atomic operation - - long userCC = user.getCreditCardNumber(); - - /* this is the account that the payment will be made from, thus negative amount!*/ - double debitAmount = -amount; - /* this is the account that the payment will be made to, thus positive amount!*/ - double creditAmount = amount; - - /* Credit card account balance is the amount owed, not amount owned - * (reverse of other accounts). Therefore we have to process balances differently*/ - if (debitAccount.getAccountId() == userCC) - debitAmount = -debitAmount; - - //create transaction record - statement.execute("INSERT INTO TRANSACTIONS (ACCOUNTID, DATE, TYPE, AMOUNT) VALUES ("+debitAccount.getAccountId()+",'"+date+"',"+((debitAccount.getAccountId() == userCC)?"'Cash Advance'":"'Withdrawal'")+","+debitAmount+")," + - "("+creditAccount.getAccountId()+",'"+date+"',"+((creditAccount.getAccountId() == userCC)?"'Payment'":"'Deposit'")+","+creditAmount+")"); - - Log4AltoroJ.getInstance().logTransaction(debitAccount.getAccountId()+" - "+ debitAccount.getAccountName(), creditAccount.getAccountId()+" - "+ creditAccount.getAccountName(), amount); - - if (creditAccount.getAccountId() == userCC) - creditAmount = -creditAmount; - - //add cash advance fee since the money transfer was made from the credit card - if (debitAccount.getAccountId() == userCC){ - statement.execute("INSERT INTO TRANSACTIONS (ACCOUNTID, DATE, TYPE, AMOUNT) VALUES ("+debitAccount.getAccountId()+",'"+date+"','Cash Advance Fee',"+CASH_ADVANCE_FEE+")"); - debitAmount += CASH_ADVANCE_FEE; - Log4AltoroJ.getInstance().logTransaction(String.valueOf(userCC), "N/A", CASH_ADVANCE_FEE); - } - - //update account balances - statement.execute("UPDATE ACCOUNTS SET BALANCE = " + (debitAccount.getBalance()+debitAmount) + " WHERE ACCOUNT_ID = " + debitAccount.getAccountId()); - statement.execute("UPDATE ACCOUNTS SET BALANCE = " + (creditAccount.getBalance()+creditAmount) + " WHERE ACCOUNT_ID = " + creditAccount.getAccountId()); - - return null; - - } catch (SQLException e) { - return "Transaction failed. Please try again later."; - } + try { + User user = getUserInfo(username); + Connection connection = getConnection(); + + Account debitAccount = Account.getAccount(debitActId); + Account creditAccount = Account.getAccount(creditActId); + + if (debitAccount == null){ + return "Originating account is invalid"; + } + + if (creditAccount == null) + return "Destination account is invalid"; + + java.sql.Timestamp date = new Timestamp(new java.util.Date().getTime()); + + long userCC = user.getCreditCardNumber(); + + double debitAmount = -amount; + double creditAmount = amount; + + if (debitAccount.getAccountId() == userCC) + debitAmount = -debitAmount; + + String transactionQuery = "INSERT INTO TRANSACTIONS (ACCOUNTID, DATE, TYPE, AMOUNT) VALUES (?, ?, ?, ?), (?, ?, ?, ?)"; + try (PreparedStatement prepStatement = connection.prepareStatement(transactionQuery)) { + prepStatement.setLong(1, debitAccount.getAccountId()); + prepStatement.setTimestamp(2, date); + prepStatement.setString(3, (debitAccount.getAccountId() == userCC) ? "Cash Advance" : "Withdrawal"); + prepStatement.setDouble(4, debitAmount); + prepStatement.setLong(5, creditAccount.getAccountId()); + prepStatement.setTimestamp(6, date); + prepStatement.setString(7, (creditAccount.getAccountId() == userCC) ? "Payment" : "Deposit"); + prepStatement.setDouble(8, creditAmount); + prepStatement.executeUpdate(); + } + + Log4AltoroJ.getInstance().logTransaction(debitAccount.getAccountId()+" - "+ debitAccount.getAccountName(), creditAccount.getAccountId()+" - "+ creditAccount.getAccountName(), amount); + + if (creditAccount.getAccountId() == userCC) + creditAmount = -creditAmount; + + if (debitAccount.getAccountId() == userCC){ + String cashAdvanceFeeQuery = "INSERT INTO TRANSACTIONS (ACCOUNTID, DATE, TYPE, AMOUNT) VALUES (?, ?, ?, ?)"; + try (PreparedStatement prepStatement = connection.prepareStatement(cashAdvanceFeeQuery)) { + prepStatement.setLong(1, debitAccount.getAccountId()); + prepStatement.setTimestamp(2, date); + prepStatement.setString(3, "Cash Advance Fee"); + prepStatement.setDouble(4, CASH_ADVANCE_FEE); + prepStatement.executeUpdate(); + } + debitAmount += CASH_ADVANCE_FEE; + Log4AltoroJ.getInstance().logTransaction(String.valueOf(userCC), "N/A", CASH_ADVANCE_FEE); + } + + String updateDebitAccountQuery = "UPDATE ACCOUNTS SET BALANCE = ? WHERE ACCOUNT_ID = ?"; + try (PreparedStatement prepStatement = connection.prepareStatement(updateDebitAccountQuery)) { + prepStatement.setDouble(1, debitAccount.getBalance() + debitAmount); + prepStatement.setLong(2, debitAccount.getAccountId()); + prepStatement.executeUpdate(); + } + + String updateCreditAccountQuery = "UPDATE ACCOUNTS SET BALANCE = ? WHERE ACCOUNT_ID = ?"; + try (PreparedStatement prepStatement = connection.prepareStatement(updateCreditAccountQuery)) { + prepStatement.setDouble(1, creditAccount.getBalance() + creditAmount); + prepStatement.setLong(2, creditAccount.getAccountId()); + prepStatement.executeUpdate(); + } + + return null; + + } catch (SQLException e) { + return "Transaction failed. Please try again later."; + } } @@ -374,33 +392,41 @@ public static Transaction[] getTransactions(String startDate, String endDate, Ac Connection connection = getConnection(); + String query = "SELECT * FROM TRANSACTIONS WHERE (" + + "ACCOUNTID = ?" + " OR ".repeat(accounts.length - 1) + "ACCOUNTID = ?" + + ") " + + ((startDate != null && startDate.length() > 0 && endDate != null && endDate.length() > 0) + ? "AND (DATE BETWEEN ? AND ?)" + : (startDate != null && startDate.length() > 0) + ? "AND (DATE > ?)" + : (endDate != null && endDate.length() > 0) + ? "AND (DATE < ?)" + : "") + + " ORDER BY DATE DESC"; - Statement statement = connection.createStatement(); + PreparedStatement preparedStatement = connection.prepareStatement(query); if (rowCount > 0) - statement.setMaxRows(rowCount); + preparedStatement.setMaxRows(rowCount); - StringBuffer acctIds = new StringBuffer(); - acctIds.append("ACCOUNTID = " + accounts[0].getAccountId()); - for (int i=1; i0){ - dateString = "DATE > '" + startDate +" 00:00:00'"; + preparedStatement.setString(parameterIndex++, startDate + " 00:00:00"); } else if (endDate != null && endDate.length()>0){ - dateString = "DATE < '" + endDate + " 23:59:59'"; + preparedStatement.setString(parameterIndex++, endDate + " 23:59:59"); } - - String query = "SELECT * FROM TRANSACTIONS WHERE (" + acctIds.toString() + ") " + ((dateString==null)?"": "AND (" + dateString + ") ") + "ORDER BY DATE DESC" ; + ResultSet resultSet = null; try { - resultSet = statement.executeQuery(query); + resultSet = preparedStatement.executeQuery(); } catch (SQLException e){ int errorCode = e.getErrorCode(); if (errorCode == 30000) @@ -447,8 +473,9 @@ public static String[] getBankUsernames() { public static Account getAccount(long accountNo) throws SQLException { Connection connection = getConnection(); - Statement statement = connection.createStatement(); - ResultSet resultSet =statement.executeQuery("SELECT ACCOUNT_NAME, BALANCE FROM ACCOUNTS WHERE ACCOUNT_ID = "+ accountNo +" "); /* BAD - user input should always be sanitized */ + PreparedStatement preparedStatement = connection.prepareStatement("SELECT ACCOUNT_NAME, BALANCE FROM ACCOUNTS WHERE ACCOUNT_ID = ?"); + preparedStatement.setLong(1, accountNo); + ResultSet resultSet = preparedStatement.executeQuery(); ArrayList accounts = new ArrayList(3); while (resultSet.next()){ @@ -467,8 +494,10 @@ public static Account getAccount(long accountNo) throws SQLException { public static String addAccount(String username, String acctType) { try { Connection connection = getConnection(); - Statement statement = connection.createStatement(); - statement.execute("INSERT INTO ACCOUNTS (USERID,ACCOUNT_NAME,BALANCE) VALUES ('"+username+"','"+acctType+"', 0)"); + PreparedStatement preparedStatement = connection.prepareStatement("INSERT INTO ACCOUNTS (USERID,ACCOUNT_NAME,BALANCE) VALUES (?, ?, 0)"); + preparedStatement.setString(1, username); + preparedStatement.setString(2, acctType); + preparedStatement.executeUpdate(); return null; } catch (SQLException e){ return e.toString(); @@ -478,36 +507,47 @@ public static String addAccount(String username, String acctType) { public static String addSpecialUser(String username, String password, String firstname, String lastname) { try { Connection connection = getConnection(); - Statement statement = connection.createStatement(); - statement.execute("INSERT INTO SPECIAL_CUSTOMERS (USER_ID,PASSWORD,FIRST_NAME,LAST_NAME,ROLE) VALUES ('"+username+"','"+password+"', '"+firstname+"', '"+lastname+"','user')"); + String query = "INSERT INTO SPECIAL_CUSTOMERS (USER_ID,PASSWORD,FIRST_NAME,LAST_NAME,ROLE) VALUES (?,?,?,?,?)"; + PreparedStatement preparedStatement = connection.prepareStatement(query); + preparedStatement.setString(1, username); + preparedStatement.setString(2, password); + preparedStatement.setString(3, firstname); + preparedStatement.setString(4, lastname); + preparedStatement.setString(5, "user"); + preparedStatement.executeUpdate(); return null; } catch (SQLException e){ return e.toString(); - } } public static String addUser(String username, String password, String firstname, String lastname) { try { Connection connection = getConnection(); - Statement statement = connection.createStatement(); - statement.execute("INSERT INTO PEOPLE (USER_ID,PASSWORD,FIRST_NAME,LAST_NAME,ROLE) VALUES ('"+username+"','"+password+"', '"+firstname+"', '"+lastname+"','user')"); + String query = "INSERT INTO PEOPLE (USER_ID,PASSWORD,FIRST_NAME,LAST_NAME,ROLE) VALUES (?,?,?,?,?)"; + PreparedStatement preparedStatement = connection.prepareStatement(query); + preparedStatement.setString(1, username); + preparedStatement.setString(2, password); + preparedStatement.setString(3, firstname); + preparedStatement.setString(4, lastname); + preparedStatement.setString(5, "user"); + preparedStatement.execute(); return null; } catch (SQLException e){ return e.toString(); - } } public static String changePassword(String username, String password) { try { Connection connection = getConnection(); - Statement statement = connection.createStatement(); - statement.execute("UPDATE PEOPLE SET PASSWORD = '"+ password +"' WHERE USER_ID = '"+username+"'"); + PreparedStatement preparedStatement = connection.prepareStatement("UPDATE PEOPLE SET PASSWORD = ? WHERE USER_ID = ?"); + preparedStatement.setString(1, password); + preparedStatement.setString(2, username); + preparedStatement.executeUpdate(); return null; } catch (SQLException e){ return e.toString(); - } } @@ -515,9 +555,14 @@ public static String changePassword(String username, String password) { public static long storeFeedback(String name, String email, String subject, String comments) { try{ Connection connection = getConnection(); - Statement statement = connection.createStatement(); - statement.execute("INSERT INTO FEEDBACK (NAME,EMAIL,SUBJECT,COMMENTS) VALUES ('"+name+"', '"+email+"', '"+subject+"', '"+comments+"')", Statement.RETURN_GENERATED_KEYS); - ResultSet rs= statement.getGeneratedKeys(); + String query = "INSERT INTO FEEDBACK (NAME,EMAIL,SUBJECT,COMMENTS) VALUES (?, ?, ?, ?)"; + PreparedStatement preparedStatement = connection.prepareStatement(query, Statement.RETURN_GENERATED_KEYS); + preparedStatement.setString(1, name); + preparedStatement.setString(2, email); + preparedStatement.setString(3, subject); + preparedStatement.setString(4, comments); + preparedStatement.executeUpdate(); + ResultSet rs = preparedStatement.getGeneratedKeys(); long id = -1; if (rs.next()){ id = rs.getLong(1); From 89b7f3fda492640a3955dacb53e54f4292b08ea3 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 07/10] Patched src/com/ibm/security/appscan/altoromutual/util/ServletUtil.java --- src/com/ibm/security/appscan/altoromutual/util/ServletUtil.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/com/ibm/security/appscan/altoromutual/util/ServletUtil.java b/src/com/ibm/security/appscan/altoromutual/util/ServletUtil.java index 6524e35..4dcfc92 100644 --- a/src/com/ibm/security/appscan/altoromutual/util/ServletUtil.java +++ b/src/com/ibm/security/appscan/altoromutual/util/ServletUtil.java @@ -343,6 +343,7 @@ public static Cookie establishSession(String username, HttpSession session){ Account[] accounts = user.getAccounts(); String accountStringList = Account.toBase64List(accounts); Cookie accountCookie = new Cookie(ServletUtil.ALTORO_COOKIE, accountStringList); + accountCookie.setSecure(true); session.setAttribute(ServletUtil.SESSION_ATTR_USER, user); return accountCookie; } From 1af183aec0cb78b6374ed4d65e9b80594f24f124 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 08/10] Patched src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java --- .../altoromutual/servlet/AdminServlet.java | 29 +++++++++++-------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java b/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java index bcc1c94..0469e93 100644 --- a/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java +++ b/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java @@ -28,8 +28,7 @@ /** * This servlet handles site admin operations - * @author Alexei - */ + */ public class AdminServlet extends HttpServlet { private static final long serialVersionUID = 1L; @@ -41,8 +40,8 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) //add account if (request.getRequestURL().toString().endsWith("addAccount")){ - String username = request.getParameter("username"); - String acctType = request.getParameter("accttypes"); + String username = sanitizeInput(request.getParameter("username")); + String acctType = sanitizeInput(request.getParameter("accttypes")); if (username == null || acctType == null || username.trim().length() == 0 || acctType.trim().length() == 0) message = "An error has occurred. Please try again later."; else { @@ -54,11 +53,11 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) //add user else if (request.getRequestURL().toString().endsWith("addUser")){ - String firstname = request.getParameter("firstname"); - String lastname = request.getParameter("lastname"); - String username = request.getParameter("username"); - String password1 = request.getParameter("password1"); - String password2 = request.getParameter("password2"); + String firstname = sanitizeInput(request.getParameter("firstname")); + String lastname = sanitizeInput(request.getParameter("lastname")); + String username = sanitizeInput(request.getParameter("username")); + String password1 = sanitizeInput(request.getParameter("password1")); + String password2 = sanitizeInput(request.getParameter("password2")); if (username == null || username.trim().length() == 0 || password1 == null || password1.trim().length() == 0 || password2 == null || password2.trim().length() == 0) @@ -87,9 +86,9 @@ else if (request.getRequestURL().toString().endsWith("addUser")){ //change password else if (request.getRequestURL().toString().endsWith("changePassword")){ - String username = request.getParameter("username"); - String password1 = request.getParameter("password1"); - String password2 = request.getParameter("password2"); + String username = sanitizeInput(request.getParameter("username")); + String password1 = sanitizeInput(request.getParameter("password1")); + String password2 = sanitizeInput(request.getParameter("password2")); if (username == null || username.trim().length() == 0 || password1 == null || password1.trim().length() == 0 || password2 == null || password2.trim().length() == 0) @@ -120,4 +119,10 @@ else if (request.getRequestURL().toString().endsWith("changePassword")){ return ; } + private String sanitizeInput(String input) { + if (input == null) { + return null; + } + return input.replaceAll("[^\\w\\s]", "").trim(); + } } From c5715bac9dbee82606dafb04961c9f78c065649f Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 09/10] Patched src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java --- .../security/appscan/altoromutual/servlet/LoginServlet.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java b/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java index 55303c3..8155890 100644 --- a/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java +++ b/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java @@ -33,7 +33,6 @@ /** * This servlet processes user's login and logout operations * Servlet implementation class LoginServlet - * @author Alexei */ public class LoginServlet extends HttpServlet { private static final long serialVersionUID = 1L; @@ -92,6 +91,8 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) //Handle the cookie using ServletUtil.establishSession(String) try{ Cookie accountCookie = ServletUtil.establishSession(username,session); + accountCookie.setHttpOnly(true); + accountCookie.setSecure(true); response.addCookie(accountCookie); response.sendRedirect(request.getContextPath()+"/bank/main.jsp"); } @@ -105,3 +106,4 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) } } + From b9890f9bfeffd3d1f42fd03ddba6a697997bf982 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 12:17:26 +0800 Subject: [PATCH 10/10] Patched src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java --- .../appscan/altoromutual/servlet/SurveyServlet.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java b/src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java index 40b8984..9ad0861 100644 --- a/src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java +++ b/src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java @@ -95,10 +95,17 @@ else if (step.equals("done")){ content = "

Request Out of Order

"+ "

It appears that you attempted to skip or repeat some areas of this survey. Please return to the start page to begin again.

"; } else { - request.getSession().setAttribute("surveyStep", step); + String sanitizedStep = sanitizeInput(step); + request.getSession().setAttribute("surveyStep", sanitizedStep); + + // Assuming a sanitizeInput method exists elsewhere in your codebase: + // private String sanitizeInput(String input) { + // // Implement sanitation logic here + // return input.replaceAll("[^a-zA-Z0-9]", ""); + // } } response.setContentType("text/html"); - response.getWriter().write(content); + response.getWriter().write(org.apache.commons.text.StringEscapeUtils.escapeHtml4(content)); response.getWriter().flush(); }