From ecad7534ae7b2f6740847c431a0aa17ef02c9012 Mon Sep 17 00:00:00 2001
From: Jonathan Leitschuh
Date: Tue, 8 Dec 2020 15:31:18 -0500
Subject: [PATCH] Add mkdirs check
---
 .../CWE/CWE-200/TempDirLocalInformationDisclosure2.ql | 2 +-
 .../test/query-tests/security/CWE-200/semmle/tests/Test.java | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure2.ql b/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure2.ql
index 9ae79bf359e..8f242ab50f4 100644
--- a/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure2.ql
+++ b/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure2.ql
@@ -16,7 +16,7 @@ private class MethodFileSystemFileCreation extends Method {
 MethodFileSystemFileCreation() {
 getDeclaringType() instanceof TypeFile and
 (
- hasName("mkdir") or
+ hasName(["mkdir", "mkdirs"]) or
 hasName("createNewFile")
 )
 }
diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java b/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java
index 642aace8f6c..798d6d9a85f 100644
--- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java
+++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java
@@ -50,6 +50,11 @@ public class Test {
 tempDirChild.mkdir();
 }
+ void vulnerableFileCreateTempFileMkdirsTainted() {
+ File tempDirChild = new File(System.getProperty("java.io.tmpdir"), "/child");
+ tempDirChild.mkdir();
+ }
+
 void vulnerableFileCreateTempFilesWrite1() {
 File tempDirChild = new File(System.getProperty("java.io.tmpdir"), "/child");
 Files.write(tempDirChild.toPath(), Arrays.asList("secret"), StandardCharsets.UTF_8, StandardOpenOption.CREATE);
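Review bot: The name check in the `MethodFileSystemFileCreation` characteristic predicate is now split between a set literal and a separate `or hasName("createNewFile")` disjunct, which reads as two conventions inside one parenthesised group. Folding it into a single call, `hasName(["mkdir", "mkdirs", "createNewFile"])`, keeps the list of `java.io.File` creation methods in one place, so the next addition is a one-token change. A short comment above the list, such as `// File methods that create an entry with default permissions`, would also record why these three names are covered. The class body continues outside the hunk.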
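Review bot: The added `vulnerableFileCreateTempFileMkdirsTainted()` calls `tempDirChild.mkdir()` rather than `mkdirs()`, so it repeats the existing mkdir case and the new `"mkdirs"` entry in the query is never exercised by this test. The call should read `tempDirChild.mkdirs();`. The diffstat shows no expected-results file changing alongside Test.java, so if this test directory has one it presumably needs the new alert row too. A one-line comment on the method naming the sink under test, for example `// sink: File.mkdirs() under java.io.tmpdir`, would make a copy-paste slip like this easier to catch in review.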