fix examples

This commit is contained in:
am0o0
2024-07-13 10:28:19 +02:00
parent dd3cc33298
commit 8ba48e801a
5 changed files with 38 additions and 25 deletions

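--- /dev/null
+++ b/.favorites.json
@@ -0,0 +1,10 @@
+[
+{
+"type": "File",
+"name": "/home/am/CodeQL-home/codeql-repo-amammad/java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/example_good.java",
+"parent_id": null,
+"workspaceRoot": "/home/am/CodeQL-home/codeql-repo-amammad",
+"workspacePath": "java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/example_good.java",
+"id": "VOluGJntmAYZyTdQ"
+}
+]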
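Review bot: `.favorites.json` looks like a local editor bookmark file rather than part of the "fix examples" change — it records a developer-specific absolute path (`/home/am/CodeQL-home/...`) and a workspace id, which puts the author's local machine layout into the repository and will churn on every other checkout. It should be dropped from this commit and listed in the repository's ignore file so it cannot be re-added by accident. The entry also still points at `example_good.java`, the sample name this same commit appears to replace in the qhelp, so it is stale on arrival.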


@@ -0,0 +1,25 @@
package org.example;
import java.nio.file.StandardCopyOption;
import java.util.Enumeration;
import java.io.IOException;
import java.util.zip.*;
import java.util.zip.ZipEntry;
import java.io.File;
import java.nio.file.Files;
class BadExample {
public static void ZipInputStreamUnSafe(String filename) throws IOException {
File f = new File(filename);
try (ZipFile zipFile = new ZipFile(f)) {
Enumeration<? extends ZipEntry> entries = zipFile.entries();
while (entries.hasMoreElements()) {
ZipEntry ze = entries.nextElement();
File out = new File("./tmp/tmp.txt");
Files.copy(zipFile.getInputStream(ze), out.toPath(), StandardCopyOption.REPLACE_EXISTING);
}
}
}
}
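Review bot: The bad example gives the reader no marker of where the weakness is — the qhelp text says the decompressed size is never checked, but nothing in `ZipInputStreamUnSafe` points at the `Files.copy(zipFile.getInputStream(ze), ...)` call that extracts each entry without any bound; a comment such as `// BAD: entry is extracted in full without checking its decompressed size` directly above that line would tie the sample to the description. As a style point for a reference sample, Java method names are lowerCamelCase (`zipInputStreamUnsafe`), and the wildcard `import java.util.zip.*;` makes the explicit `import java.util.zip.ZipEntry;` redundant. The file header for this section is not visible and the hunk reports 25 additions while 21 lines are shown, so I am assuming this is the `BadExample.java` the qhelp now references and that only blank lines are missing.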


@@ -17,12 +17,12 @@
<p>
In the following example, the decompressed file size is not checked before decompression, exposing the application to a denial of service.
</p>
<sample src="example_bad.java" />
<sample src="BadExample.java" />
<p>
A better approach is shown in the following example, where a ZIP file is read within a loop and a size threshold is checked every cycle.
</p>
<sample src="example_good.java"/>
<sample src="GoodExample.java"/>
</example>
<references>


@@ -3,7 +3,7 @@ import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.zip.ZipEntry;
public class Main {
public class GoodExample {
public static void ZipInputStreamSafe(String filename) throws IOException {
int UncompressedSizeThreshold = 10 * 1024 * 1024; // 10MB
int BUFFERSIZE = 256;


@@ -1,22 +0,0 @@
package org.example;
import java.nio.file.StandardCopyOption;
import java.util.Enumeration;
import java.io.IOException;
import java.util.zip.*;
import java.util.zip.ZipEntry;
import java.io.File;
import java.nio.file.Files;
public static void ZipInputStreamUnSafe(String filename) throws IOException {
File f = new File(filename);
try (ZipFile zipFile = new ZipFile(f)) {
Enumeration<? extends ZipEntry> entries = zipFile.entries();
while (entries.hasMoreElements()) {
ZipEntry ze = entries.nextElement();
File out = new File("./tmp/tmp.txt");
Files.copy(zipFile.getInputStream(ze), out.toPath(), StandardCopyOption.REPLACE_EXISTING);
}
}
}