Versions Compared

Comment: added isRegularFile check to CS

...

This compliant solution uses the isInSecureDir() method to ensure that an attacker cannot tamper with the file to be opened and subsequently removed. Note that once the path name of a directory has been checked using isInSecureDir(), all further file operations on that directory must be performed using the same path. This compliant solution also makes sure the requested file is indeed a regular file, and not a symbolic link, device file, etc.

Code Block

String file = /* provided by user */
try {
  Path path = Paths.get( file);
  if (!isInSecureDir( path)) {
    System.out.println("File not in secure directory");
    return;
  }

  BasicFileAttributes attr = Files.readAttributes(
    path, BasicFileAttributes.class, LinkOption.NOFOLLOW_LINKS
  );

  // Check
  if (!attr.isRegularFile())
String file = /* provided by user */
if (!isInSecureDir(Paths.get( file))) {
    System.out.println("FileNot nota inregular secure directoryfile");
    return;
  }
  // other necessary checks

  try (InputStream in = Files.newInputStream(file)) {
     // read file
  }
} catch (IOException x) {
  // handle error
}
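
Review bot: the open at "try (InputStream in = Files.newInputStream(file))" still passes the String file, but Files.newInputStream takes a Path, and this change already builds "Path path = Paths.get( file)" for the isInSecureDir() and readAttributes() checks. Open path there instead, so the file that is read is named by the same object that was checked, which is also what the accompanying text asks for when it says all further operations must use the same path. The regular-file test is made with LinkOption.NOFOLLOW_LINKS while the open follows links by default, so the two agree only because of the secure-directory guarantee; a comment stating that dependency, or passing LinkOption.NOFOLLOW_LINKS to the open as well, would make it explicit. The "// Check" comment should also say what is being checked (that the path is a regular file and not a symbolic link or device file).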

...

...