Devildib
asked on
file.writealltext path traversal vulnerability as per fortify scan ..error CWE 022
hello experts,
in my code that got fortify scanned, there was a line file.writealltext(pathpara m, strdata)...where pathparam is a combination of filename and current directory set somewhere above in the code. This line came under scanner advising to correct the break. I tried using a small method to validate the pathparam value by wrapping the pathparam value inside getfullpath method and if correctly returned used the same in file writealltext.Stilk the vulnerability exists. Kindly advise best way to fix this, if possible by a sample code. Many Thanks.
in my code that got fortify scanned, there was a line file.writealltext(pathpara
ASKER
can you please provide a smaple..say two liner tonshow how encoding would hapoen and how to use the encoded value in place of the pathparam?
ASKER
also to mention...its a c# windows application that i am working upon
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
These kind of attacks are commonly performed using web browsers.
pathparam variable contains "..\ ..\ ..\test" . thus pathparam variable is something like "..\ ..\ test_DATA_DATA.pdf" . When you try to create that file with writealltext(pathparam) function. That may lead to create this file at out out directory.
For mitigate you can replace backslash with empty too ( ..%2f..%2f is encoded form of ..\ ..\ ! please, consider this too ) . Fortify can mark this codes as a vulnerable again but this time it will be false positive.
Hope this helps