We help IT Professionals succeed at work.

file.writealltext path traversal vulnerability as per fortify scan ..error CWE 022

Devildib
Devildib asked
on
111 Views
Last Modified: 2018-12-03
hello experts,

in my code that got fortify scanned, there was a line file.writealltext(pathparam, strdata)...where pathparam is a combination of filename and current directory set somewhere above in the code. This line came under scanner advising to correct the break. I tried using a small method to validate the pathparam value by wrapping the pathparam value inside getfullpath method and if correctly returned used the same in file writealltext.Stilk the vulnerability exists. Kindly advise best way to fix this, if possible by a sample code. Many Thanks.
Comment
Watch Question

Alfredo Luis Torres SerranoASP .Net Developer

Commented:
Directory Traversal or Path Traversal is an HTTP exploit that allows an attacker to access restricted files, directories and commands that reside outside the web server’s root directory. It is also known as the ../ (dot dot slash) attack, directory climbing, and backtracking.

These kind of attacks are commonly performed using web browsers.

pathparam variable contains "..\ ..\ ..\test" . thus pathparam variable is something like "..\ ..\ test_DATA_DATA.pdf" . When you try to create that file with writealltext(pathparam) function. That may lead to create this file at out out directory.

For mitigate you can replace backslash with empty too ( ..%2f..%2f is encoded form of ..\ ..\ ! please, consider this too ) . Fortify can mark this codes as a vulnerable again but this time it will be false positive.

Hope this helps

Author

Commented:
can you please provide a smaple..say two liner tonshow how encoding would hapoen and how to use the encoded value in place of the pathparam?

Author

Commented:
also to mention...its a c# windows application that i am working upon
ASP .Net Developer
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.