Java: add File.getName as a path injection sanitizer

This commit is contained in:
Jami Cogswell
2024-12-04 16:56:49 -05:00
parent ccfb32e989
commit 121780c55a
2 changed files with 30 additions and 0 deletions


@@ -71,4 +71,19 @@ public class TaintedPath {
fileLine = fileReader.readLine();
}
}
public void sendUserFileGood4(Socket sock, String user) throws IOException {
BufferedReader filenameReader =
new BufferedReader(new InputStreamReader(sock.getInputStream(), "UTF-8"));
String filename = filenameReader.readLine();
File file = new File(filename);
String baseName = file.getName();
// GOOD: only use the final component of the user provided path
BufferedReader fileReader = new BufferedReader(new FileReader(baseName));
String fileLine = fileReader.readLine();
while (fileLine != null) {
sock.getOutputStream().write(fileLine.getBytes());
fileLine = fileReader.readLine();
}
}
}
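Review bot: The `fileReader` opened in sendUserFileGood4 is never closed, so every call leaks a file handle, including when readLine() throws mid-loop; a try-with-resources around the reader and the copy loop fixes both paths. The sink also mixes charsets: the request line is decoded as "UTF-8" via the InputStreamReader above, while `new FileReader(baseName)` and `fileLine.getBytes()` use the platform default, so the bytes written back to the socket need not match what was read. As this appears to be a CodeQL query test fixture (TaintedPath.java), the minimal sink may be deliberate; the rewrite below keeps the `getName()` sanitizer and the `// GOOD` marker in place so the query's expectations should be unaffected.
```java
String baseName = file.getName();
// GOOD: only use the final component of the user provided path
try (BufferedReader fileReader =
        new BufferedReader(new InputStreamReader(new FileInputStream(baseName), "UTF-8"))) {
    String fileLine = fileReader.readLine();
    while (fileLine != null) {
        sock.getOutputStream().write(fileLine.getBytes("UTF-8"));
        fileLine = fileReader.readLine();
    }
}
```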