Swapped obsolete and vulnerable ini4j library for Apache Commons comm…

…ons-configuration2 library.

pom.xml

@@ -64,8 +64,9 @@
       <artifactId>jna-platform</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.ini4j</groupId>
-      <artifactId>ini4j</artifactId>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-configuration2</artifactId>
+      <version>2.10.1</version>
     </dependency>
 	<dependency>
 	  <groupId>org.mozilla</groupId>

src/main/java/com/github/markusbernhardt/proxy/search/browser/firefox/FirefoxProxySearchStrategy.java

@@ -18,6 +18,7 @@
 import com.github.markusbernhardt.proxy.util.PlatformUtil.Platform;
 import com.github.markusbernhardt.proxy.util.ProxyException;
 import com.github.markusbernhardt.proxy.util.ProxyUtil;
+import org.apache.commons.configuration2.ex.ConfigurationException;
 
 /*****************************************************************************
  * Loads the Firefox3 proxy settings from the users Firefox3 settings. This will
@@ -170,7 +171,7 @@ public Properties readSettings() throws ProxyException {
 		try {
 			Properties settings = settingsParser.parseSettings(profileScanner);
 			return settings;
-		} catch (IOException e) {
+		} catch (IOException | ConfigurationException e) {
 			throw new ProxyException("No Firefox installation found");
 		}
 	}

src/main/java/com/github/markusbernhardt/proxy/search/browser/firefox/FirefoxSettingParser.java

@@ -10,11 +10,12 @@
 import java.util.Properties;
 import java.util.stream.Collectors;
 
-import org.ini4j.Ini;
-import org.ini4j.Profile.Section;
+import org.apache.commons.configuration2.*;
+import org.apache.commons.configuration2.ex.ConfigurationException;
 
 import com.github.markusbernhardt.proxy.util.Logger;
 import com.github.markusbernhardt.proxy.util.Logger.LogLevel;
+import java.io.*;
 
 /*****************************************************************************
  * Parser for the Firefox settings file. Will extract all relevant proxy settings form the configuration file.
@@ -43,7 +44,7 @@ public FirefoxSettingParser() {
      *             on read error.
      ************************************************************************/
 
-    public Properties parseSettings(FirefoxProfileSource source) throws IOException {
+    public Properties parseSettings(FirefoxProfileSource source) throws IOException, ConfigurationException {
         File settingsFile = getSettingsFile(source);
 
         Properties result = new Properties();
@@ -94,47 +95,64 @@ private String removeDoubleQuotes(String string) {
      * @throws IOException
      *             on read error.
      */
-    protected File getSettingsFile(FirefoxProfileSource source) throws IOException {
+    protected File getSettingsFile(FirefoxProfileSource source) throws IOException, ConfigurationException {
         // Read profiles.ini
         File profilesIniFile = source.getProfilesIni();
         if (profilesIniFile.exists()) {
-            Ini profilesIni = new Ini(profilesIniFile);
-
-            final List<String> keysFF67 =
-                profilesIni.keySet().stream().filter(s -> s.startsWith("Install")).collect(Collectors.toList());
-            if (!keysFF67.isEmpty()) {
-                Logger.log(getClass(), LogLevel.DEBUG, "Firefox settings for FF67+ detected.");
-
-                for (String keyFF67 : keysFF67) {
-
-                    Logger.log(getClass(), LogLevel.DEBUG, "Current FF67+ section key is: {}", keysFF67);
-                    Section section = profilesIni.get(keyFF67);
-
-                    if ("1".equals(section.get("Locked"))) {
-                        File profileFolder =
-                            new File(profilesIniFile.getParentFile().getAbsolutePath(), section.get("Default"));
-                        Logger.log(getClass(), LogLevel.DEBUG, "Firefox settings folder is {}", profileFolder);
-
-                        File settingsFile = new File(profileFolder, "prefs.js");
-                        return settingsFile;
+            INIConfiguration profilesIni = new INIConfiguration();
+            try (FileReader fileReader = new FileReader(profilesIniFile)) {
+                profilesIni.read(fileReader);
+
+                final List<String> keysFF67 =
+                    profilesIni.getSections().stream().filter(s -> s.startsWith("Install")).collect(Collectors.toList());
+                if (!keysFF67.isEmpty()) {
+                    Logger.log(getClass(), LogLevel.DEBUG, "Firefox settings for FF67+ detected.");
+
+                    for (String keyFF67 : keysFF67) {
+
+                        Logger.log(getClass(), LogLevel.DEBUG, "Current FF67+ section key is: {}", keysFF67);
+                        SubnodeConfiguration section = profilesIni.getSection(keyFF67);
+
+                        Object propLocked = section.getProperty("Locked");
+                        if ((propLocked!=null)&&("1".equals(propLocked.toString()))) {
+                            Object propDefault = section.getProperty("Default");
+                            if (propDefault!=null) {
+                              File profileFolder =
+                                  new File(profilesIniFile.getParentFile().getAbsolutePath(), propDefault.toString());
+                              Logger.log(getClass(), LogLevel.DEBUG, "Firefox settings folder is {}", profileFolder);
+
+                              File settingsFile = new File(profileFolder, "prefs.js");
+                              return settingsFile;
+                            }
+                        }
                     }
                 }
-            }
-            else {
-                for (Entry<String, Section> entry : profilesIni.entrySet()) {
-
-                    Logger
-                        .log(getClass(), LogLevel.TRACE, "Current entry, key: {}, value: {}", entry.getKey(),
-                            entry.getValue());
-
-                    if ("default".equals(entry.getValue().get("Name"))
-                        && "1".equals(entry.getValue().get("IsRelative"))) {
-                        File profileFolder =
-                            new File(profilesIniFile.getParentFile().getAbsolutePath(), entry.getValue().get("Path"));
-                        Logger.log(getClass(), LogLevel.DEBUG, "Firefox settings folder is {}", profileFolder);
-
-                        File settingsFile = new File(profileFolder, "prefs.js");
-                        return settingsFile;
+                else {  //FIXME - does this mean we have no sections in pre FF67 ini files? or just no sections starting "Install"?
+                    for (String section : profilesIni.getSections()) {
+                        SubnodeConfiguration confSection = profilesIni.getSection(section);
+
+                        if (confSection!=null) {
+                            Logger
+                                .log(getClass(), LogLevel.TRACE, "Current entry, key: {}, value: {}", section,
+                                    confSection.toString());
+
+                            Object propName = confSection.getProperty("Name");
+                            Object propRelative = confSection.getProperty("IsRelative");
+                            if ((propName!=null)&&(propRelative!=null)) {
+                                if ("default".equals(propName.toString())
+                                    && "1".equals(propRelative.toString())) {
+                                    Object propPath = confSection.getProperty("Path");
+                                    if (propPath!=null) {
+                                        File profileFolder =
+                                            new File(profilesIniFile.getParentFile().getAbsolutePath(), propPath.toString());
+                                        Logger.log(getClass(), LogLevel.DEBUG, "Firefox settings folder is {}", profileFolder);
+
+                                        File settingsFile = new File(profileFolder, "prefs.js");
+                                        return settingsFile;
+                                    }
+                                }
+                            }
+                        }
                     }
                 }
             }