mirror of
https://github.com/github/codeql.git
synced 2025-12-19 02:13:17 +01:00
29 lines
816 B
Ruby
29 lines
816 B
Ruby
class UsersController < ActionController::Base
|
|
def create
|
|
file = params[:file]
|
|
open(file) # BAD
|
|
IO.read(file) # BAD
|
|
IO.write(file) # BAD
|
|
IO.binread(file) # BAD
|
|
IO.binwrite(file) # BAD
|
|
IO.foreach(file) # BAD
|
|
IO.readlines(file) # BAD
|
|
URI.open(file) # BAD
|
|
|
|
IO.read(File.join(file, "")) # BAD - file as first argument to File.join
|
|
IO.read(File.join("", file)) # GOOD - file path is sanitised by guard
|
|
|
|
File.open(file).read # GOOD
|
|
|
|
if file == "some/const/path.txt"
|
|
open(file) # GOOD - file path is sanitised by guard
|
|
end
|
|
|
|
if %w(some/const/1.txt some/const/2.txt).include? file
|
|
IO.read(file) # GOOD - file path is sanitised by guard
|
|
end
|
|
|
|
open(file) # BAD - sanity check to verify that file was not mistakenly marked as sanitized
|
|
end
|
|
end
|