From 868205811a212402ac440804aec9d8563a0f1bf3 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Mon, 29 Apr 2024 17:00:20 +0545
Subject: [PATCH] Fixing LFI

---
 .../cloud/sonic/folder/controller/UploadController.java   | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/sonic-server-folder/src/main/java/org/cloud/sonic/folder/controller/UploadController.java b/sonic-server-folder/src/main/java/org/cloud/sonic/folder/controller/UploadController.java
index 09139e22..1f018bd6 100644
--- a/sonic-server-folder/src/main/java/org/cloud/sonic/folder/controller/UploadController.java
+++ b/sonic-server-folder/src/main/java/org/cloud/sonic/folder/controller/UploadController.java
@@ -97,9 +97,13 @@ public RespModel<String> uploadRecord(@RequestParam(name = "file") MultipartFile
         if (!uuidFolder.exists()) {
             uuidFolder.mkdirs();
         }
+        
         String fileName = file.getOriginalFilename();
-        String newName = fileName.substring(0, fileName.indexOf(".mp4")) + "-" + index + ".mp4";
-        File local = new File(uuidFolder.getPath() + File.separator + newName);
+        if (fileName != null) {
+            fileName = new File(fileName).getName();
+            String newName = fileName.substring(0, fileName.indexOf(".mp4")) + "-" + index + ".mp4";
+            File local = new File(uuidFolder.getPath() + File.separator + newName);
+            }
         RespModel<String> responseModel;
         try {
             file.transferTo(local.getAbsoluteFile());