From 893438bab4253a18345ecd432e54d20428930bb1 Mon Sep 17 00:00:00 2001
From: "Ole V. Villumsen" <olvi@kb.dk>
Date: Wed, 16 Apr 2025 15:04:04 +0200
Subject: [PATCH 1/2] BEV-121 Fix issue with zipping large report files (not
 tested yet)

---
 .../web/RestIntegrityService.java             | 35 +++++++++++--------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/bitrepository-integrity-service/src/main/java/org/bitrepository/integrityservice/web/RestIntegrityService.java b/bitrepository-integrity-service/src/main/java/org/bitrepository/integrityservice/web/RestIntegrityService.java
index 9a5301465..45d0262f7 100644
--- a/bitrepository-integrity-service/src/main/java/org/bitrepository/integrityservice/web/RestIntegrityService.java
+++ b/bitrepository-integrity-service/src/main/java/org/bitrepository/integrityservice/web/RestIntegrityService.java
@@ -63,6 +63,7 @@
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.StringWriter;
 import java.nio.file.Files;
@@ -372,7 +373,7 @@ public StreamingOutput getLatestIntegrityReport(@QueryParam("collectionID") Stri
     public Response getIntegrityReportsAsZIP(@QueryParam("collectionID") String collectionID,
                                              @QueryParam("reports") List<String> reports) {
         String fileName = "IntegrityReports.zip";
-        HashMap<String, File> files = new HashMap<>();
+        Map<String, File> files = new HashMap<>();
 
         for (String report : reports) {
             String[] parts = report.split("-", 2);
@@ -380,23 +381,27 @@ public Response getIntegrityReportsAsZIP(@QueryParam("collectionID") String coll
         }
 
         StreamingOutput streamingOutput = output -> {
-            ZipOutputStream zipOut = new ZipOutputStream(output);
             // Add the full integrity report to the hashmap
             files.put("report", integrityReportProvider.getLatestIntegrityReportReader(collectionID).getFullReport());
 
-            // Zip each file in the files hashmap
-            files.forEach((key, value) -> {
-                try {
-                    zipOut.putNextEntry(new ZipEntry(key));
-                    zipOut.write(Files.readAllBytes(value.toPath()));
-                    zipOut.flush();
-                } catch (IOException e) {
-                    throw new WebApplicationException(status(Status.INTERNAL_SERVER_ERROR).entity(
-                            "Something went wrong when trying to zip the file " + key + ".").type(
-                            MediaType.TEXT_PLAIN).build());
-                }
-            });
-            zipOut.close();
+            try (ZipOutputStream zipOut = new ZipOutputStream(output)) {
+                // Zip each file in the files hashmap
+                files.forEach((key, value) -> {
+                    try {
+                        zipOut.putNextEntry(new ZipEntry(key));
+                        try (InputStream is = Files.newInputStream(value.toPath())) {
+                            is.transferTo(zipOut);
+                        }
+                        zipOut.flush();
+                    } catch (IOException e) {
+                        throw new WebApplicationException(
+                                status(Status.INTERNAL_SERVER_ERROR)
+                                        .entity("Internal error when trying to zip the report file " + key + ": " + e)
+                                        .type(MediaType.TEXT_PLAIN)
+                                        .build());
+                    }
+                });
+            }
         };
         ResponseBuilder response = Response.ok();
         response.type("application/zip");

From a37ee104a21b00f68ace0d90bc5c2326ade3e9b9 Mon Sep 17 00:00:00 2001
From: "Ole V. Villumsen" <olvi@kb.dk>
Date: Wed, 16 Apr 2025 15:24:16 +0200
Subject: [PATCH 2/2] Avoid vulnerability in PostgreSQL before 42.4.4

---
 bitrepository-service/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bitrepository-service/pom.xml b/bitrepository-service/pom.xml
index b85efc600..2bed07d6a 100644
--- a/bitrepository-service/pom.xml
+++ b/bitrepository-service/pom.xml
@@ -39,7 +39,7 @@
     <dependency>
       <groupId>org.postgresql</groupId>
       <artifactId>postgresql</artifactId>
-      <version>42.4.1</version>
+      <version>42.4.5</version>
     </dependency>
     <dependency>
       <groupId>com.mchange</groupId>