Finish Partial Path Traversal Query

Shyam Mehta
2022-06-28 15:02:06 -04:00
parent 4c7d476280
commit 7122f29296
4 changed files with 47 additions and 9 deletions


@@ -11,7 +11,6 @@
| PartialPathTraversalTest.java:94:14:94:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |
| PartialPathTraversalTest.java:102:14:102:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |
| PartialPathTraversalTest.java:105:14:105:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |
| PartialPathTraversalTest.java:150:9:150:43 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |
| PartialPathTraversalTest.java:173:14:173:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |
| PartialPathTraversalTest.java:191:18:191:87 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |
| PartialPathTraversalTest.java:209:14:209:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal |


@@ -211,6 +211,13 @@ public class PartialPathTraversalTest {
}
}
void foo23(File dir, File parent) throws IOException {
String parentCanonical = parent.getCanonicalPath();
if (!dir.getCanonicalPath().startsWith(parentCanonical + "/")) {
throw new IOException("Invalid directory: " + dir.getCanonicalPath());
}
}
public void doesNotFlag() {
"hello".startsWith("goodbye");
}
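Review bot: The guard in `foo23` appends a hard-coded `"/"` to `parentCanonical`, so on a platform whose canonical paths use another separator the `startsWith` check can never match and every directory is rejected. If the literal is there on purpose, to exercise how the query treats a string-literal separator, say so in a comment; otherwise `parentCanonical + File.separator` is the portable form. The method also gives no indication of whether the query is expected to flag it, and no matching `.expected` row is visible in this view. A one-line comment such as `// separator appended before startsWith; expected: not flagged` (if that is the intent) would make the case self-describing. Note as well that this form rejects `dir` when it is the parent directory itself, which is worth stating if the test is meant to model a recommended guard.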