From 226c20e0c9124037671a91d6b3e5083bd2462058 Mon Sep 17 00:00:00 2001
From: vran <vran_dev@foxmail.com>
Date: Fri, 29 Jul 2022 11:18:51 +0800
Subject: [PATCH] fix: security vulnerability SSRF (#256)

---
 .../core/infrastructure/driver/DriverResources.java        | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/com/databasir/core/infrastructure/driver/DriverResources.java b/core/src/main/java/com/databasir/core/infrastructure/driver/DriverResources.java
index a15ae02..672cf06 100644
--- a/core/src/main/java/com/databasir/core/infrastructure/driver/DriverResources.java
+++ b/core/src/main/java/com/databasir/core/infrastructure/driver/DriverResources.java
@@ -60,7 +60,7 @@ private File download(String driverFileUrl, String parentDir) {
         try {
             Files.createDirectories(parentDirPath);
         } catch (IOException e) {
-            log.error("下载驱动时创建目录失败", e);
+            log.error("create directory for driver failed", e);
             throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(e);
         }
 
@@ -97,8 +97,9 @@ private File download(String driverFileUrl, String parentDir) {
                 }
             });
         } catch (RestClientException e) {
-            log.error(parentDir + " download driver error", e);
-            throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(e.getMessage());
+            String msg = String.format("download driver from %s to %s failed", driverFileUrl, parentDir);
+            log.error(msg, e);
+            throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(msg);
         }
     }