org.apache.commons.fileupload
Class InvalidFileNameException

java.lang.Object
  java.lang.Throwable
      java.lang.Exception
          java.lang.RuntimeException
              org.apache.commons.fileupload.InvalidFileNameException

All Implemented Interfaces:

Serializable

public class InvalidFileNameException
extends RuntimeException

This exception is thrown in case of an invalid file name. A file name is invalid, if it contains a NUL character. Attackers might use this to circumvent security checks: For example, a malicious user might upload a file with the name "foo.exe\0.png". This file name might pass security checks (i.e. checks for the extension ".png"), while, depending on the underlying C library, it might create a file named "foo.exe", as the NUL character is the string terminator in C.

See Also:

Serialized Form

Constructor Summary

InvalidFileNameException(String pName, String pMessage)
Creates a new instance.

Method Summary

String

getName() Returns the invalid file name.

Methods inherited from class java.lang.Throwable

fillInStackTrace, getCause, getLocalizedMessage, getMessage, getStackTrace, initCause, printStackTrace, printStackTrace, printStackTrace, setStackTrace, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

InvalidFileNameException

public InvalidFileNameException(String pName,
                                String pMessage)

Creates a new instance.

Parameters:

pName - The file name causing the exception.

pMessage - A human readable error message.

Method Detail

getName

public String getName()

Returns the invalid file name.