Files
codeql/java/ql/test/query-tests/security/CWE-022/semmle/tests/SanitizationTests2.java
2026-07-03 11:34:06 +01:00

31 lines
1.4 KiB
Java

import java.io.FileInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class SanitizationTests2 {
@GetMapping("/product/vuln/path-injection")
public ResponseEntity<String> vulnerablePathInjection(@RequestParam("path") String path) throws IOException { // $ Source[java/path-injection]
// Intentionally vulnerable for SAST testing: user-controlled path reaches file read sink.
try (FileInputStream stream = new FileInputStream(path)) { // $ Alert[java/path-injection]
byte[] fileContents = stream.readNBytes(1024);
return ResponseEntity.ok(new String(fileContents, StandardCharsets.UTF_8));
}
}
@GetMapping("/product/vuln/path-injection-fix")
public ResponseEntity<String> vulnerablePathInjectionFix(@RequestParam("path")
@javax.validation.constraints.Pattern(regexp = "[a-zA-Z0-9]*") String path) throws IOException {
try (FileInputStream stream = new FileInputStream(path)) {
byte[] fileContents = stream.readNBytes(1024);
return ResponseEntity.ok(new String(fileContents, StandardCharsets.UTF_8));
}
}
}