From 63d4d25af7297d699575e0534a3aba53edd6af1a Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Wed, 26 Apr 2023 08:17:13 +0200 Subject: [PATCH] Fix for string checks for challenge 7, 13, and 14 --- .../wrongsecrets/challenges/docker/Challenge13.java | 7 ++++--- .../wrongsecrets/challenges/docker/Challenge14.java | 9 +++++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java index 572c3a377..9f461ab09 100644 --- a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java +++ b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java @@ -1,7 +1,7 @@ package org.owasp.wrongsecrets.challenges.docker; +import com.google.common.base.Strings; import lombok.extern.slf4j.Slf4j; -import org.apache.logging.log4j.util.Strings; import org.owasp.wrongsecrets.RuntimeEnvironment; import org.owasp.wrongsecrets.ScoreCard; import org.owasp.wrongsecrets.challenges.Challenge; @@ -58,10 +58,11 @@ protected boolean answerCorrect(String answer) { return isKeyCorrect(answer); } - @Override + /** * {@inheritDoc} */ + @Override public List supportedRuntimeEnvironments() { return List.of(RuntimeEnvironment.Environment.DOCKER); } @@ -90,7 +91,7 @@ public boolean isLimittedWhenOnlineHosted() { } private boolean isKeyCorrect(String base64EncodedKey) { - if (Strings.isEmpty(base64EncodedKey) || Strings.isEmpty(plainText) || Strings.isEmpty(cipherText)) { + if (Strings.isNullOrEmpty(base64EncodedKey) || Strings.isNullOrEmpty(plainText) || Strings.isNullOrEmpty(cipherText)) { //log.debug("Checking secret with values {}, {}, {}", base64EncodedKey, plainText, cipherText); return false; } diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java index 68911d10a..99faf9813 100644 --- a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java +++ b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java @@ -1,8 +1,8 @@ package org.owasp.wrongsecrets.challenges.docker; +import com.google.common.base.Strings; import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import lombok.extern.slf4j.Slf4j; -import org.apache.logging.log4j.util.Strings; import org.linguafranca.pwdb.Database; import org.linguafranca.pwdb.kdbx.KdbxCreds; import org.linguafranca.pwdb.kdbx.simple.SimpleDatabase; @@ -66,10 +66,11 @@ protected boolean answerCorrect(String answer) { return isanswerCorrectInKeeyPassx(answer); } - @Override + /** * {@inheritDoc} */ + @Override public List supportedRuntimeEnvironments() { return List.of(RuntimeEnvironment.Environment.DOCKER); } @@ -99,7 +100,7 @@ public boolean isLimittedWhenOnlineHosted() { @SuppressFBWarnings("PATH_TRAVERSAL_IN") private String findAnswer() { - if (Strings.isEmpty(keepassxPassword)) { + if (Strings.isNullOrEmpty(keepassxPassword)) { //log.debug("Checking secret with values {}", keepassxPassword); return defaultKeepassValue; } @@ -117,7 +118,7 @@ private String findAnswer() { } private boolean isanswerCorrectInKeeyPassx(String answer) { - if (Strings.isEmpty(keepassxPassword) || Strings.isEmpty(answer)) { + if (Strings.isNullOrEmpty(keepassxPassword) || Strings.isNullOrEmpty(answer)) { //log.debug("Checking secret with values {}, {}", keepassxPassword, answer); return false; }