Partial path traversal vulnerability
org.openrewrite.java.security.PartialPathTraversalVulnerability
_Replaces
dir.getCanonicalPath().startsWith(parent.getCanonicalPath()
, which is vulnerable to partial path traversal attacks, with the more secure dir.getCanonicalFile().toPath().startsWith(parent.getCanonicalFile().toPath())
.To demonstrate this vulnerability, consider
"/usr/outnot".startsWith("/usr/out")
. The check is bypassed although /outnot
is not under the /out
directory. It's important to understand that the terminating slash may be removed when using various String
representations of the File
object. For example, on Linux, println(new File("/var"))
will print /var
, but println(new File("/var", "/")
will print /var/
; however, println(new File("/var", "/").getCanonicalPath())
will print /var
._- CWE-22
- groupId: org.openrewrite.recipe
- artifactId: rewrite-java-security
- version: 2.0.4
This recipe has no required configuration options. It can be activated by adding a dependency on
org.openrewrite.recipe:rewrite-java-security:2.0.4
in your build file or by running a shell command (in which case no build changes are needed):Gradle
Gradle init script
Maven POM
Maven Command Line
- 1.Add the following to your
build.gradle
file:
build.gradle
plugins {
id("org.openrewrite.rewrite") version("6.3.11")
}
rewrite {
activeRecipe("org.openrewrite.java.security.PartialPathTraversalVulnerability")
}
repositories {
mavenCentral()
}
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:2.0.4")
}
- 2.Run
gradle rewriteRun
to run the recipe.
- 1.Create a file named
init.gradle
in the root of your project.
init.gradle
initscript {
repositories {
maven { url "https://plugins.gradle.org/m2" }
}
dependencies { classpath("org.openrewrite:plugin:6.3.11") }
}
rootProject {
plugins.apply(org.openrewrite.gradle.RewritePlugin)
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:2.0.4")
}
rewrite {
activeRecipe("org.openrewrite.java.security.PartialPathTraversalVulnerability")
}
afterEvaluate {
if (repositories.isEmpty()) {
repositories {
mavenCentral()
}
}
}
}
- 2.Run
gradle --init-script init.gradle rewriteRun
to run the recipe.
- 1.Add the following to your
pom.xml
file:
pom.xml
<project>
<build>
<plugins>
<plugin>
<groupId>org.openrewrite.maven</groupId>
<artifactId>rewrite-maven-plugin</artifactId>
<version>5.5.2</version>
<configuration>
<activeRecipes>
<recipe>org.openrewrite.java.security.PartialPathTraversalVulnerability</recipe>
</activeRecipes>
</configuration>
<dependencies>
<dependency>
<groupId>org.openrewrite.recipe</groupId>
<artifactId>rewrite-java-security</artifactId>
<version>2.0.4</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
</project>
- 2.Run
mvn rewrite:run
to run the recipe.
shell
mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
-Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-java-security:RELEASE \
-Drewrite.activeRecipes=org.openrewrite.java.security.PartialPathTraversalVulnerability
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.