A cross-site and a file canonicalization problems

Hi. I'm analyzing my code C# with CAT.NET Code Analysis and getting "Sanitize the file path prior to passing it to file system routines" message for File.Move(Path + "\\...

and a cross-site redirection vulnerability “Do not allow off-site redirections to absolute URLs that can be specified by the user” for  Response.Redirect("file:" + Path + "\\...

Is there any solution to these problem?  Thanks!

protected void Button1_Click(object sender, EventArgs e)
{
 if (FileExt == "aa")
 {
   if (ListBox1.SelectedValue == "")
   {
     Response.Redirect("Page1.aspx");
   }
   else
   {
Response.Redirect("file:" + Path + "\\filepath_aa\\" + Status + "\\" + ListBox1.SelectedValue);
   }
 }
 else if (FileExt == "bb")
 {
   if (ListBox1.SelectedValue == "")
   {
     Response.Redirect("Page1.aspx");
   }
   else
   {
Response.Redirect("file:" + Path + "\\filepath_bb\\" + Status + "\\" + ListBox1.SelectedValue);
   }
 }
}

protected void Button2_Click(object sender, EventArgs e)
{
 if (FileExt == "aa")
 {
  if (Status == "New")
  {
   if (ListBox1.SelectedValue == "")
   {
     Response.Redirect("Page1.aspx");
   }
   else
   {
File.Move(Path + "\\filepath_aa\\New\\" + ListBox1.SelectedValue, Path + "\\filepath_aa\\New\\New_Items\\" + ListBox1.SelectedValue);
   }
  }
  else if (Status == "Closed")
  {
   if (ListBox1.SelectedValue == "")
   {
     Response.Redirect("Page1.aspx");
   }
   else
   {
File.Move(Path + "\\filepath_aa\\Closed\\" + ListBox1.SelectedValue, Path + "\\filepath_aa\\Closed\\Closed_Items\\" + ListBox1.SelectedValue);
    }
   }…
avi7Asked:
Who is Participating?
 
wdosanjosConnect With a Mentor Commented:
I think your ListBox1.SelectedValue variable is causing the problem.

Try validating ListBox1.SelectedValue against the list used to populate it.  This is to garantee that the user did not temper with the values.  Maybe something like this:

Dim validValues As HashSet(Of String)
Dim selectedValue As String

selectedValue = validValues(ListBox1.SelectedValue)

...

Response.Redirect("file:" + Path + "\\filepath_aa\\" + Status + "\\" + selectedValue);

Open in new window


If Path and Status also come from user input they need to be validated also.

I hope this helps.
0
 
avi7Author Commented:
Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.