Update java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp

Co-authored-by: Jonathan Leitschuh <jonathan.leitschuh@gmail.com>
2026-06-18 11:21:07 +02:00 · 2022-07-01 10:53:43 -04:00
parent 48e16e52b5
commit ebe48ec30a
1 changed files with 5 additions and 5 deletions
--- a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp
+++ b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp
@@ -7,12 +7,12 @@
 is meant to access files under a certain directory but does not enters a path under that directory, they can gain access to 
 (and potentially modify/delete) unexpected, possibly sensitive resources. </p>

-<p> Suppose a program is to only accept paths that point to files/folders within directory <code>DIR</code>. 
-To ensure that a user inputted path, say <code>SUBDIR</code>, is a subdirectory of <code>DIR</code>, the 
-program verifies that <code>DIR</code> is a prefix of <code>SUBDIR</code>.
-However, this check is not satisfactory: unless <code>DIR</code> is not slash-terminated, 
+<p>Suppose a program is to only accept paths that point to files/folders within directory <code>DIR</code>. 
+To ensure that a user supplied path, say <code>SUBDIR</code>, is a subdirectory of <code>DIR</code>, the 
+program verifies, using string comparisons, that <code>DIR</code> is a prefix of <code>SUBDIR</code>.
+However, if <code>DIR</code> is not slash-terminated, such a check would not be sufficient. 
 <code>SUBDIR</code> may be allowed to also access siblings of <code>DIR</code> and not 
-just children of <code>DIR</code>, which is a security issue. </p>
+just children of <code>DIR</code>, which is a security vulnerability.</p>

 </overview>
 <recommendation>