Partial path traversal vulnerability
org.openrewrite.java.security.PartialPathTraversalVulnerability
_Replaces dir.getCanonicalPath().startsWith(parent.getCanonicalPath()
, which is vulnerable to partial path traversal attacks, with the more secure dir.getCanonicalFile().toPath().startsWith(parent.getCanonicalFile().toPath())
.
To demonstrate this vulnerability, consider "/usr/outnot".startsWith("/usr/out")
. The check is bypassed although /outnot
is not under the /out
directory. It's important to understand that the terminating slash may be removed when using various String
representations of the File
object. For example, on Linux, println(new File("/var"))
will print /var
, but println(new File("/var", "/")
will print /var/
; however, println(new File("/var", "/").getCanonicalPath())
will print /var
._
Tags
CWE-22
Recipe source
GitHub, Issue Tracker, Maven Central
groupId: org.openrewrite.recipe
artifactId: rewrite-java-security
version: 2.11.0
Data Tables
Source files that had results
org.openrewrite.table.SourcesFileResults
Source files that were modified by the recipe run.
Column Name | Description |
---|---|
Source path before the run | The source path of the file before the run. |
Source path after the run | A recipe may modify the source path. This is the path after the run. |
Parent of the recipe that made changes | In a hierarchical recipe, the parent of the recipe that made a change. Empty if this is the root of a hierarchy or if the recipe is not hierarchical at all. |
Recipe that made changes | The specific recipe that made a change. |
Estimated time saving | An estimated effort that a developer to fix manually instead of using this recipe, in unit of seconds. |
Cycle | The recipe cycle in which the change was made. |
Source files that errored on a recipe
org.openrewrite.table.SourcesFileErrors
The details of all errors produced by a recipe run.
Column Name | Description |
---|---|
Source path | The file that failed to parse. |
Recipe that made changes | The specific recipe that made a change. |
Stack trace | The stack trace of the failure. |
Recipe performance
org.openrewrite.table.RecipeRunStats
Statistics used in analyzing the performance of recipes.
Column Name | Description |
---|---|
The recipe | The recipe whose stats are being measured both individually and cumulatively. |
Source file count | The number of source files the recipe ran over. |
Source file changed count | The number of source files which were changed in the recipe run. Includes files created, deleted, and edited. |
Cumulative scanning time | The total time spent across the scanning phase of this recipe. |
99th percentile scanning time | 99 out of 100 scans completed in this amount of time. |
Max scanning time | The max time scanning any one source file. |
Cumulative edit time | The total time spent across the editing phase of this recipe. |
99th percentile edit time | 99 out of 100 edits completed in this amount of time. |
Max edit time | The max time editing any one source file. |
Usage
This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:2.11.0
in your build file or by running a shell command (in which case no build changes are needed):
Add the following to your
build.gradle
file:
Run
gradle rewriteRun
to run the recipe.
See how this recipe works across multiple open-source repositories
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.
Contributors
Jonathan Leitschuh, Knut Wannheden, Patrick, Jonathan Schnéider
Last updated