From ebe48ec30a337de6bde644b513f8d2a2c6b3a5d2 Mon Sep 17 00:00:00 2001 From: smehta23 <47726705+smehta23@users.noreply.github.com> Date: Fri, 1 Jul 2022 10:53:43 -0400 Subject: [PATCH] Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp Co-authored-by: Jonathan Leitschuh --- .../Security/CWE/CWE-023/PartialPathTraversal.qhelp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp index 4e900e383ef..e70b27a8628 100644 --- a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp +++ b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp @@ -7,12 +7,12 @@ is meant to access files under a certain directory but does not enters a path under that directory, they can gain access to (and potentially modify/delete) unexpected, possibly sensitive resources.

-

Suppose a program is to only accept paths that point to files/folders within directory DIR. -To ensure that a user inputted path, say SUBDIR, is a subdirectory of DIR, the -program verifies that DIR is a prefix of SUBDIR. -However, this check is not satisfactory: unless DIR is not slash-terminated, +

Suppose a program is to only accept paths that point to files/folders within directory DIR. +To ensure that a user supplied path, say SUBDIR, is a subdirectory of DIR, the +program verifies, using string comparisons, that DIR is a prefix of SUBDIR. +However, if DIR is not slash-terminated, such a check would not be sufficient. SUBDIR may be allowed to also access siblings of DIR and not -just children of DIR, which is a security issue.

+just children of DIR, which is a security vulnerability.