From 58c4d165303eb0f89c98c92c704d5085f8b8af46 Mon Sep 17 00:00:00 2001 From: mayhew64 Date: Sat, 30 Sep 2006 13:25:36 +0000 Subject: [PATCH] Removed file/folder git-svn-id: http://webgoat.googlecode.com/svn/trunk@7 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../org/owasp/webgoat/util/Exec.java | 508 ------------------ .../org/owasp/webgoat/util/ExecResults.java | 320 ----------- .../webgoat/util/ExecutionException.java | 31 -- .../org/owasp/webgoat/util/HtmlEncoder.java | 195 ------- .../org/owasp/webgoat/util/ThreadWatcher.java | 90 ---- 5 files changed, 1144 deletions(-) delete mode 100644 webgoat/main/project/JavaSource/org/owasp/webgoat/util/Exec.java delete mode 100644 webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecResults.java delete mode 100644 webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecutionException.java delete mode 100644 webgoat/main/project/JavaSource/org/owasp/webgoat/util/HtmlEncoder.java delete mode 100644 webgoat/main/project/JavaSource/org/owasp/webgoat/util/ThreadWatcher.java diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/Exec.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/Exec.java deleted file mode 100644 index abd43f3e7..000000000 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/Exec.java +++ /dev/null @@ -1,508 +0,0 @@ -package org.owasp.webgoat.util; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.util.BitSet; - - -/** - * Copyright (c) 2002 Free Software Foundation developed under the custody of the Open Web - * Application Security Project (http://www.owasp.org) This software package org.owasp.webgoat.is published by OWASP - * under the GPL. You should read and accept the LICENSE before you use, modify and/or redistribute - * this software. - * - * @author Jeff Williams Aspect Security - * @created October 28, 2003 - */ -public class Exec -{ - /** - * Description of the Method - * - * @param command Description of the Parameter - * @param input Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execInput( String command, String input ) - { - return ( execOptions( command, input, 0, 0, false ) ); - } - - - /** - * Description of the Method - * - * @param command Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execLazy( String command ) - { - return ( execOptions( command, "", 0, 0, true ) ); - } - - - /* - * Execute an OS command and capture the output in an ExecResults. - * All exceptions are caught and stored in the ExecResults. - * @param String command is the OS command to execute - * @param String input is piped into the OS command - * @param int successCode is the expected return code if the command completes successfully - * @param int timeout is the number of milliseconds to wait before interrupting the command - * @param boolean quit tells the method to exit when there is no more output waiting - */ - /** - * Description of the Method - * - * @param command Description of the Parameter - * @param input Description of the Parameter - * @param successCode Description of the Parameter - * @param timeout Description of the Parameter - * @param lazy Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execOptions( String[] command, String input, int successCode, int timeout, boolean lazy ) - { - Process child = null; - ByteArrayOutputStream output = new ByteArrayOutputStream(); - ByteArrayOutputStream errors = new ByteArrayOutputStream(); - ExecResults results = new ExecResults( command[0], input, successCode, timeout ); - BitSet interrupted = new BitSet( 1 ); - boolean lazyQuit = false; - ThreadWatcher watcher; - - try - { - // start the command - child = Runtime.getRuntime().exec( command ); - - // get the streams in and out of the command - InputStream processIn = child.getInputStream(); - InputStream processError = child.getErrorStream(); - OutputStream processOut = child.getOutputStream(); - - // start the clock running - if ( timeout > 0 ) - { - watcher = new ThreadWatcher( child, interrupted, timeout ); - new Thread( watcher ).start(); - } - - // Write to the child process' input stream - if ( ( input != null ) && !input.equals( "" ) ) - { - try - { - processOut.write( input.getBytes() ); - processOut.flush(); - processOut.close(); - } - catch ( IOException e1 ) - { - results.setThrowable( e1 ); - } - } - - // Read from the child process' output stream - // The process may get killed by the watcher at any time - int c = 0; - - try - { - while ( true ) - { - if ( interrupted.get( 0 ) || lazyQuit ) - { - break; - } - - // interrupted - c = processIn.read(); - - if ( c == -1 ) - { - break; - } - - // end of stream - output.write( c ); - - if ( lazy && ( processIn.available() < 1 ) ) - { - lazyQuit = true; - } - - // if lazy and nothing then quit (after at least one read) - } - - processIn.close(); - } - catch ( IOException e2 ) - { - results.setThrowable( e2 ); - } - finally - { - if ( interrupted.get( 0 ) ) - { - results.setInterrupted(); - } - - results.setOutput( output.toString() ); - } - - // Read from the child process' error stream - // The process may get killed by the watcher at any time - try - { - while ( true ) - { - if ( interrupted.get( 0 ) || lazyQuit ) - { - break; - } - - // interrupted - c = processError.read(); - - if ( c == -1 ) - { - break; - } - - // end of stream - output.write( c ); - - if ( lazy && ( processError.available() < 1 ) ) - { - lazyQuit = true; - } - - // if lazy and nothing then quit (after at least one read) - } - - processError.close(); - } - catch ( IOException e3 ) - { - results.setThrowable( e3 ); - } - finally - { - if ( interrupted.get( 0 ) ) - { - results.setInterrupted(); - } - - results.setErrors( errors.toString() ); - } - - // wait for the return value of the child process. - if ( !interrupted.get( 0 ) && !lazyQuit ) - { - int returnCode = child.waitFor(); - results.setReturnCode( returnCode ); - - if ( returnCode != successCode ) - { - results.setError( ExecResults.BADRETURNCODE ); - } - } - } - catch ( InterruptedException i ) - { - results.setInterrupted(); - } - catch ( Throwable t ) - { - results.setThrowable( t ); - } - finally - { - if ( child != null ) - { - child.destroy(); - } - } - - return ( results ); - } - - - /* - * Execute an OS command and capture the output in an ExecResults. - * All exceptions are caught and stored in the ExecResults. - * @param String command is the OS command to execute - * @param String input is piped into the OS command - * @param int successCode is the expected return code if the command completes successfully - * @param int timeout is the number of milliseconds to wait before interrupting the command - * @param boolean quit tells the method to exit when there is no more output waiting - */ - /** - * Description of the Method - * - * @param command Description of the Parameter - * @param input Description of the Parameter - * @param successCode Description of the Parameter - * @param timeout Description of the Parameter - * @param lazy Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execOptions( String command, String input, int successCode, int timeout, boolean lazy ) - { - Process child = null; - ByteArrayOutputStream output = new ByteArrayOutputStream(); - ByteArrayOutputStream errors = new ByteArrayOutputStream(); - ExecResults results = new ExecResults( command, input, successCode, timeout ); - BitSet interrupted = new BitSet( 1 ); - boolean lazyQuit = false; - ThreadWatcher watcher; - - try - { - // start the command - child = Runtime.getRuntime().exec( command ); - - // get the streams in and out of the command - InputStream processIn = child.getInputStream(); - InputStream processError = child.getErrorStream(); - OutputStream processOut = child.getOutputStream(); - - // start the clock running - if ( timeout > 0 ) - { - watcher = new ThreadWatcher( child, interrupted, timeout ); - new Thread( watcher ).start(); - } - - // Write to the child process' input stream - if ( ( input != null ) && !input.equals( "" ) ) - { - try - { - processOut.write( input.getBytes() ); - processOut.flush(); - processOut.close(); - } - catch ( IOException e1 ) - { - results.setThrowable( e1 ); - } - } - - // Read from the child process' output stream - // The process may get killed by the watcher at any time - int c = 0; - - try - { - while ( true ) - { - if ( interrupted.get( 0 ) || lazyQuit ) - { - break; - } - - // interrupted - c = processIn.read(); - - if ( c == -1 ) - { - break; - } - - // end of stream - output.write( c ); - - if ( lazy && ( processIn.available() < 1 ) ) - { - lazyQuit = true; - } - - // if lazy and nothing then quit (after at least one read) - } - - processIn.close(); - } - catch ( IOException e2 ) - { - results.setThrowable( e2 ); - } - finally - { - if ( interrupted.get( 0 ) ) - { - results.setInterrupted(); - } - - results.setOutput( output.toString() ); - } - - // Read from the child process' error stream - // The process may get killed by the watcher at any time - try - { - while ( true ) - { - if ( interrupted.get( 0 ) || lazyQuit ) - { - break; - } - - // interrupted - c = processError.read(); - - if ( c == -1 ) - { - break; - } - - // end of stream - output.write( c ); - - if ( lazy && ( processError.available() < 1 ) ) - { - lazyQuit = true; - } - - // if lazy and nothing then quit (after at least one read) - } - - processError.close(); - } - catch ( IOException e3 ) - { - results.setThrowable( e3 ); - } - finally - { - if ( interrupted.get( 0 ) ) - { - results.setInterrupted(); - } - - results.setErrors( errors.toString() ); - } - - // wait for the return value of the child process. - if ( !interrupted.get( 0 ) && !lazyQuit ) - { - int returnCode = child.waitFor(); - results.setReturnCode( returnCode ); - - if ( returnCode != successCode ) - { - results.setError( ExecResults.BADRETURNCODE ); - } - } - } - catch ( InterruptedException i ) - { - results.setInterrupted(); - } - catch ( Throwable t ) - { - results.setThrowable( t ); - } - finally - { - if ( child != null ) - { - child.destroy(); - } - } - - return ( results ); - } - - - /** - * Description of the Method - * - * @param command Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execSimple( String[] command ) - { - return ( execOptions( command, "", 0, 0, false ) ); - } - - - /** - * Description of the Method - * - * @param command Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execSimple( String command ) - { - return ( execOptions( command, "", 0, 0, false ) ); - } - - - /** - * Description of the Method - * - * @param command Description of the Parameter - * @param args Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execSimple( String command, String args ) - { - return ( execOptions( command, args, 0, 0, false ) ); - } - - - /** - * Description of the Method - * - * @param command Description of the Parameter - * @param timeout Description of the Parameter - * @return Description of the Return Value - */ - public static ExecResults execTimeout( String command, int timeout ) - { - return ( execOptions( command, "", 0, timeout, false ) ); - } - - - /** - * The main program for the Exec class - * - * @param args The command line arguments - */ - public static void main( String[] args ) - { - ExecResults results; - String sep = System.getProperty( "line.separator" ); - System.out.println( "-------------------------------------------" + sep + "TEST 1: execSimple" ); - results = Exec.execSimple( "c:/swarm-2.1.1/bin/whoami.exe" ); - System.out.println( results ); - System.out.println( "-------------------------------------------" + sep + "TEST 2: execSimple (with search)" ); - results = Exec.execSimple( "netstat -r" ); - System.out.println( results ); - - if ( results.outputContains( "localhost:1031" ) ) - { - System.out.println( "ERROR: listening on 1031" ); - } - - System.out.println( "-------------------------------------------" + sep + "TEST 3: execInput" ); - results = Exec.execInput( "find \"cde\"", "abcdefg1\nhijklmnop\nqrstuv\nabcdefg2" ); - System.out.println( results ); - System.out.println( "-------------------------------------------" + sep + "TEST 4:execTimeout" ); - results = Exec.execTimeout( "ping -t 127.0.0.1", 5 * 1000 ); - System.out.println( results ); - System.out.println( "-------------------------------------------" + sep + "TEST 5:execLazy" ); - results = Exec.execLazy( "ping -t 127.0.0.1" ); - System.out.println( results ); - System.out.println( "-------------------------------------------" + sep + "TEST 6:ExecTimeout process never outputs" ); - results = Exec.execTimeout( "c:/swarm-2.1.1/bin/sleep.exe 20", 5 * 1000 ); - System.out.println( results ); - System.out.println( "-------------------------------------------" + sep + "TEST 7:ExecTimeout process waits for input" ); - results = Exec.execTimeout( "c:/swarm-2.1.1/bin/cat", 5 * 1000 ); - System.out.println( results ); - } -} - diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecResults.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecResults.java deleted file mode 100644 index eb8fb2fa1..000000000 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecResults.java +++ /dev/null @@ -1,320 +0,0 @@ -package org.owasp.webgoat.util; - -/** - * Copyright (c) 2002 Free Software Foundation developed under the custody of - * the Open Web Application Security Project (http://www.owasp.org) This - * software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and - * accept the LICENSE before you use, modify and/or redistribute this software. - * - * @author Jeff Williams Aspect Security - */ -public class ExecResults -{ - /** - * Description of the Field - */ - public final static int BADRETURNCODE = 2; - - /** - * Description of the Field - */ - public final static int THROWABLE = 1; - private String myCommand; - private boolean myError = false; - private int myErrorType = 0; - private String myErrors = null; - private String myInput; - private boolean myInterrupted = false; - private String myOutput = null; - private int myReturnCode = 0; - private int mySuccessCode; - private Throwable myThrowable = null; - private int myTimeout; - - /** - * Constructor for the ExecResults object - * - *@param command Description of the Parameter - *@param input Description of the Parameter - *@param successCode Description of the Parameter - *@param timeout Description of the Parameter - */ - public ExecResults(String command, String input, int successCode, int timeout) - { - myCommand = command.trim(); - myInput = input.trim(); - mySuccessCode = successCode; - myTimeout = timeout; - } - - /** - * Description of the Method - * - *@param haystack Description of the Parameter - *@param needle Description of the Parameter - *@param fromIndex Description of the Parameter - *@return Description of the Return Value - */ - private boolean contains(String haystack, String needle, int fromIndex) - { - return (haystack.trim().toLowerCase().indexOf(needle.trim().toLowerCase(), fromIndex) != -1); - } - - - /** - * Description of the Method - * - *@param value Description of the Parameter - *@return Description of the Return Value - */ - public boolean errorsContains(String value) - { - return (errorsContains(value, 0)); - } - - - /** - * Description of the Method - * - *@param value Description of the Parameter - *@param fromIndex Description of the Parameter - *@return Description of the Return Value - */ - public boolean errorsContains(String value, int fromIndex) - { - return (contains(myErrors, value, fromIndex)); - } - - - /** - * Gets the error attribute of the ExecResults object - * - *@return The error value - */ - public boolean getError() - { - return (myError); - } - - - /** - * Gets the errorMessage attribute of the ExecResults object - * - *@return The errorMessage value - */ - public String getErrorMessage() - { - switch (getErrorType()) - { - case THROWABLE: - return ("Exception: " + myThrowable.getMessage()); - - case BADRETURNCODE: - return ("Bad return code (expected " + mySuccessCode + ")"); - - default: - return ("Unknown error"); - } - } - - - /** - * Gets the errorType attribute of the ExecResults object - * - *@return The errorType value - */ - public int getErrorType() - { - return (myErrorType); - } - - - /** - * Gets the errors attribute of the ExecResults object - * - *@return The errors value - */ - public String getErrors() - { - return (myErrors); - } - - - /** - * Gets the interrupted attribute of the ExecResults object - * - *@return The interrupted value - */ - public boolean getInterrupted() - { - return (myInterrupted); - } - - - /** - * Gets the output attribute of the ExecResults object - * - *@return The output value - */ - public String getOutput() - { - return (myOutput); - } - - - /** - * Gets the returnCode attribute of the ExecResults object - * - *@return The returnCode value - */ - public int getReturnCode() - { - return (myReturnCode); - } - - - /** - * Gets the throwable attribute of the ExecResults object - * - *@return The throwable value - */ - public Throwable getThrowable() - { - return (myThrowable); - } - - - /** - * Description of the Method - * - *@param value Description of the Parameter - *@return Description of the Return Value - */ - public boolean outputContains(String value) - { - return (outputContains(value, 0)); - } - - - /** - * Description of the Method - * - *@param value Description of the Parameter - *@param fromIndex Description of the Parameter - *@return Description of the Return Value - */ - public boolean outputContains(String value, int fromIndex) - { - return (contains(myOutput, value, fromIndex)); - } - - - /** - * Sets the error attribute of the ExecResults object - * - *@param value The new error value - */ - public void setError(int value) - { - myError = true; - myErrorType = value; - } - - - /** - * Sets the errors attribute of the ExecResults object - * - *@param errors The new errors value - */ - public void setErrors(String errors) - { - myErrors = errors.trim(); - } - - - /** - * Sets the interrupted attribute of the ExecResults object - */ - public void setInterrupted() - { - myInterrupted = true; - } - - - /** - * Sets the output attribute of the ExecResults object - * - *@param value The new output value - */ - public void setOutput(String value) - { - myOutput = value.trim(); - } - - - /** - * Sets the returnCode attribute of the ExecResults object - * - *@param value The new returnCode value - */ - public void setReturnCode(int value) - { - myReturnCode = value; - } - - - /** - * Sets the throwable attribute of the ExecResults object - * - *@param value The new throwable value - */ - public void setThrowable(Throwable value) - { - setError(THROWABLE); - myThrowable = value; - } - - - /** - * Description of the Method - * - *@return Description of the Return Value - */ - public String toString() - { - String sep = System.getProperty("line.separator"); - StringBuffer value = new StringBuffer(); - value.append("ExecResults for \'" + myCommand + "\'" + sep); - - if ((myInput != null) && !myInput.equals("")) - { - value.append(sep + "Input..." + sep + myInput + sep); - } - - if ((myOutput != null) && !myOutput.equals("")) - { - value.append(sep + "Output..." + sep + myOutput + sep); - } - - if ((myErrors != null) && !myErrors.equals("")) - { - value.append(sep + "Errors..." + sep + myErrors + sep); - } - - value.append(sep); - - if (myInterrupted) - { - value.append("Command timed out after " + (myTimeout / 1000) + " seconds " + sep); - } - - value.append("Returncode: " + myReturnCode + sep); - - if (myError) - { - value.append(getErrorMessage() + sep); - } - - return (value.toString()); - } -} diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecutionException.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecutionException.java deleted file mode 100644 index e01c00f31..000000000 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ExecutionException.java +++ /dev/null @@ -1,31 +0,0 @@ -package org.owasp.webgoat.util; - -/** - * Copyright (c) 2002 Free Software Foundation developed under the custody of - * the Open Web Application Security Project (http://www.owasp.org) This - * software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and - * accept the LICENSE before you use, modify and/or redistribute this software. - * - * @author Jeff Williams Aspect Security - */ -public class ExecutionException extends Exception -{ - /** - * Constructor for the ExecutionException object - */ - public ExecutionException() - { - super(); - } - - - /** - * Constructor for the ExecutionException object - * - *@param msg Description of the Parameter - */ - public ExecutionException(String msg) - { - super(msg); - } -} diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/HtmlEncoder.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/HtmlEncoder.java deleted file mode 100644 index 09401378a..000000000 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/HtmlEncoder.java +++ /dev/null @@ -1,195 +0,0 @@ -package org.owasp.webgoat.util; - -import java.util.HashMap; -import java.util.Map; - -public class HtmlEncoder -{ - static Map e2i = new HashMap(); - static Map i2e = new HashMap(); - - // html entity list - private static Object[][] entities = - { - {"quot", new Integer( 34 )}, // " - double-quote - {"amp", new Integer( 38 )}, // & - ampersand - {"lt", new Integer( 60 )}, // < - less-than - {"gt", new Integer( 62 )}, // > - greater-than - {"nbsp", new Integer( 160 )}, // non-breaking space - {"copy", new Integer( 169 )}, // © - copyright - {"reg", new Integer( 174 )}, // ® - registered trademark - {"Agrave", new Integer( 192 )}, // À - uppercase A, grave accent - {"Aacute", new Integer( 193 )}, // Á - uppercase A, acute accent - {"Acirc", new Integer( 194 )}, // Â - uppercase A, circumflex accent - {"Atilde", new Integer( 195 )}, // Ã - uppercase A, tilde - {"Auml", new Integer( 196 )}, // Ä - uppercase A, umlaut - {"Aring", new Integer( 197 )}, // Å - uppercase A, ring - {"AElig", new Integer( 198 )}, // Æ - uppercase AE - {"Ccedil", new Integer( 199 )}, // Ç - uppercase C, cedilla - {"Egrave", new Integer( 200 )}, // È - uppercase E, grave accent - {"Eacute", new Integer( 201 )}, // É - uppercase E, acute accent - {"Ecirc", new Integer( 202 )}, // Ê - uppercase E, circumflex accent - {"Euml", new Integer( 203 )}, // Ë - uppercase E, umlaut - {"Igrave", new Integer( 204 )}, // Ì - uppercase I, grave accent - {"Iacute", new Integer( 205 )}, // Í - uppercase I, acute accent - {"Icirc", new Integer( 206 )}, // Î - uppercase I, circumflex accent - {"Iuml", new Integer( 207 )}, // Ï - uppercase I, umlaut - {"ETH", new Integer( 208 )}, // Ð - uppercase Eth, Icelandic - {"Ntilde", new Integer( 209 )}, // Ñ - uppercase N, tilde - {"Ograve", new Integer( 210 )}, // Ò - uppercase O, grave accent - {"Oacute", new Integer( 211 )}, // Ó - uppercase O, acute accent - {"Ocirc", new Integer( 212 )}, // Ô - uppercase O, circumflex accent - {"Otilde", new Integer( 213 )}, // Õ - uppercase O, tilde - {"Ouml", new Integer( 214 )}, // Ö - uppercase O, umlaut - {"Oslash", new Integer( 216 )}, // Ø - uppercase O, slash - {"Ugrave", new Integer( 217 )}, // Ù - uppercase U, grave accent - {"Uacute", new Integer( 218 )}, // Ú - uppercase U, acute accent - {"Ucirc", new Integer( 219 )}, // Û - uppercase U, circumflex accent - {"Uuml", new Integer( 220 )}, // Ü - uppercase U, umlaut - {"Yacute", new Integer( 221 )}, // Ý - uppercase Y, acute accent - {"THORN", new Integer( 222 )}, // Þ - uppercase THORN, Icelandic - {"szlig", new Integer( 223 )}, // ß - lowercase sharps, German - {"agrave", new Integer( 224 )}, // à - lowercase a, grave accent - {"aacute", new Integer( 225 )}, // á - lowercase a, acute accent - {"acirc", new Integer( 226 )}, // â - lowercase a, circumflex accent - {"atilde", new Integer( 227 )}, // ã - lowercase a, tilde - {"auml", new Integer( 228 )}, // ä - lowercase a, umlaut - {"aring", new Integer( 229 )}, // å - lowercase a, ring - {"aelig", new Integer( 230 )}, // æ - lowercase ae - {"ccedil", new Integer( 231 )}, // ç - lowercase c, cedilla - {"egrave", new Integer( 232 )}, // è - lowercase e, grave accent - {"eacute", new Integer( 233 )}, // é - lowercase e, acute accent - {"ecirc", new Integer( 234 )}, // ê - lowercase e, circumflex accent - {"euml", new Integer( 235 )}, // ë - lowercase e, umlaut - {"igrave", new Integer( 236 )}, // ì - lowercase i, grave accent - {"iacute", new Integer( 237 )}, // í - lowercase i, acute accent - {"icirc", new Integer( 238 )}, // î - lowercase i, circumflex accent - {"iuml", new Integer( 239 )}, // ï - lowercase i, umlaut - {"igrave", new Integer( 236 )}, // ì - lowercase i, grave accent - {"iacute", new Integer( 237 )}, // í - lowercase i, acute accent - {"icirc", new Integer( 238 )}, // î - lowercase i, circumflex accent - {"iuml", new Integer( 239 )}, // ï - lowercase i, umlaut - {"eth", new Integer( 240 )}, // ð - lowercase eth, Icelandic - {"ntilde", new Integer( 241 )}, // ñ - lowercase n, tilde - {"ograve", new Integer( 242 )}, // ò - lowercase o, grave accent - {"oacute", new Integer( 243 )}, // ó - lowercase o, acute accent - {"ocirc", new Integer( 244 )}, // ô - lowercase o, circumflex accent - {"otilde", new Integer( 245 )}, // õ - lowercase o, tilde - {"ouml", new Integer( 246 )}, // ö - lowercase o, umlaut - {"oslash", new Integer( 248 )}, // ø - lowercase o, slash - {"ugrave", new Integer( 249 )}, // ù - lowercase u, grave accent - {"uacute", new Integer( 250 )}, // ú - lowercase u, acute accent - {"ucirc", new Integer( 251 )}, // û - lowercase u, circumflex accent - {"uuml", new Integer( 252 )}, // ü - lowercase u, umlaut - {"yacute", new Integer( 253 )}, // ý - lowercase y, acute accent - {"thorn", new Integer( 254 )}, // þ - lowercase thorn, Icelandic - {"yuml", new Integer( 255 )}, // ÿ - lowercase y, umlaut - {"euro", new Integer( 8364 )},// Euro symbol - }; - - - public HtmlEncoder() - { - for(int i=0; i - * - * e.g. "bread" & "butter" => &quot;bread&quot; &amp; - * &quot;butter&quot; . Update: supports nearly all HTML entities, including funky - * accents. See the source code for more detail. Adapted from - * http://www.purpletech.com/code/src/com/purpletech/util/Utils.java. - * - * @param s1 Description of the Parameter - * @return Description of the Return Value - */ - public static String encode( String s1 ) - { - StringBuffer buf = new StringBuffer(); - - int i; - for ( i = 0; i < s1.length(); ++i ) - { - char ch = s1.charAt( i ); - - String entity = (String) i2e.get( new Integer( (int) ch ) ); - - if ( entity == null ) - { - if ( ( (int) ch ) > 128 ) - { - buf.append( "&#" + ( (int) ch ) + ";" ); - } - else - { - buf.append( ch ); - } - } - else - { - buf.append( "&" + entity + ";" ); - } - } - - return buf.toString(); - } - - - /** - * Given a string containing entity escapes, returns a string containing the actual Unicode - * characters corresponding to the escapes. Adapted from - * http://www.purpletech.com/code/src/com/purpletech/util/Utils.java. - * - * @param s1 Description of the Parameter - * @return Description of the Return Value - */ - public static String decode( String s1 ) - { - StringBuffer buf = new StringBuffer(); - - int i; - for ( i = 0; i < s1.length(); ++i ) - { - char ch = s1.charAt( i ); - - if ( ch == '&' ) - { - int semi = s1.indexOf( ';', i + 1 ); - if ( semi == -1 ) - { - buf.append( ch ); - continue; - } - String entity = s1.substring( i + 1, semi ); - Integer iso; - if ( entity.charAt( 0 ) == '#' ) - { - iso = new Integer( entity.substring( 1 ) ); - } - else - { - iso = (Integer) e2i.get( entity ); - } - if ( iso == null ) - { - buf.append( "&" + entity + ";" ); - } - else - { - buf.append( (char) ( iso.intValue() ) ); - } - i = semi; - } - else - { - buf.append( ch ); - } - } - - return buf.toString(); - } -} diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ThreadWatcher.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ThreadWatcher.java deleted file mode 100644 index 3a5b46b64..000000000 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/ThreadWatcher.java +++ /dev/null @@ -1,90 +0,0 @@ -package org.owasp.webgoat.util; - -import java.util.BitSet; - - -/** - * Copyright (c) 2002 Free Software Foundation developed under the custody of - * the Open Web Application Security Project (http://www.owasp.org) This - * software package org.owasp.webgoat.is published by OWASP under the GPL. You should read and - * accept the LICENSE before you use, modify and/or redistribute this software. - * - *@author jwilliams@aspectsecurity.com - *@created November 6, 2002 - */ -public class ThreadWatcher implements Runnable -{ - // time to live in milliseconds - private BitSet myInterrupted; - private Process myProcess; - private int myTimeout; - - /** - * Constructor for the ThreadWatcher object - * - *@param p Description of the Parameter - *@param interrupted Description of the Parameter - *@param timeout Description of the Parameter - */ - public ThreadWatcher(Process p, BitSet interrupted, int timeout) - { - myProcess = p; - - // thread used by whoever constructed this watcher - myTimeout = timeout; - myInterrupted = interrupted; - } - - /* - * Interrupt the thread by marking the interrupted bit and killing the process - */ - - /** - * Description of the Method - */ - public void interrupt() - { - myInterrupted.set(0); - - // set interrupted bit (bit 0 of the bitset) to 1 - myProcess.destroy(); - - /* - * try - * { - * myProcess.getInputStream().close(); - * } - * catch( IOException e1 ) - * { - * / do nothing -- input streams are probably already closed - * } - * try - * { - * myProcess.getErrorStream().close(); - * } - * catch( IOException e2 ) - * { - * / do nothing -- input streams are probably already closed - * } - * myThread.interrupt(); - */ - } - - - /** - * Main processing method for the ThreadWatcher object - */ - public void run() - { - try - { - Thread.sleep(myTimeout); - } - catch (InterruptedException e) - { - // do nothing -- if watcher is interrupted, so is thread - } - - interrupt(); - } -}