Versions Compared

...

The application intends to restrict the user to operating on files inside the /tmp directory and uses a validate() method to enforce this condition. An attacker who can create symbolic links in /tmp can cause the program to pass the validation check by supplying the unresolved path. All file operations are then performed on the file that the symbolic link points to.

...

This compliant solution uses the getCanonicalPath() method, introduced in Java 2, because it resolves all aliases, shortcuts, and symbolic links consistently across all platforms. The value of the alias (if any) is not included in the returned value. Moreover, relative references such as the double period (..) are also removed, so that the input is reduced to a canonicalized form before validation is carried out. An attacker cannot use ../ sequences to break out of the specified directory when the validate() method is applied to the canonicalized path.
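As an added illustration (not code from the rule or its compliant solution), the following Java program compares the two checks described above on a temporary sandbox directory that stands in for /tmp: a prefix test on the unresolved path accepts both a ../ traversal and a symbolic link that points outside the sandbox, while the same prefix test on the output of getCanonicalPath() rejects them. The sandbox, the outside file and the link name are constructed for the demonstration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example, not the rule's own code. The temporary "sandbox" directory
// is a hypothetical stand-in for the /tmp restriction discussed in the text.
public final class CanonicalPathCheck {
    // Unresolved check: getAbsolutePath() leaves ".." and symbolic links in
    // place, so a textual prefix test is fooled by paths that lead outside.
    static boolean insideUnresolved(File base, File f) {
        return f.getAbsolutePath().startsWith(base.getAbsolutePath() + File.separator);
    }

    // Canonical check: getCanonicalPath() removes ".." and follows links on
    // both sides before the prefix comparison, as the compliant solution does.
    static boolean insideCanonical(File base, File f) throws IOException {
        return f.getCanonicalPath().startsWith(base.getCanonicalPath() + File.separator);
    }

    static void report(String label, File base, File f) throws IOException {
        System.out.printf("%-18s unresolved=%-5s canonical=%s%n",
                label, insideUnresolved(base, f), insideCanonical(base, f));
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("sandbox");      // allowed area
        Path outside = Files.createTempFile("secret", ".txt"); // sibling of base, off limits
        File baseDir = base.toFile();
        try {
            // Dot-dot traversal: textually under the sandbox, actually its sibling.
            report("dot-dot traversal", baseDir,
                    new File(baseDir, ".." + File.separator + outside.getFileName()));
            // Symbolic link created inside the sandbox that points outside it;
            // creating links may be unsupported or unprivileged on some systems.
            try {
                Path link = Files.createSymbolicLink(base.resolve("link.txt"), outside);
                report("symlink escape", baseDir, link.toFile());
                Files.delete(link);
            } catch (UnsupportedOperationException | IOException e) {
                System.out.println("symlink step skipped: " + e);
            }
        } finally {
            Files.deleteIfExists(outside);
            Files.deleteIfExists(base);
        }
    }
}
```

Both checks canonicalize or leave unresolved the base directory as well as the candidate file, so the comparison is fair even on systems where the temporary directory itself is reached through a link.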

...

CVE-2005-0789

CVE-2008-5518

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="096082dd9018fba7-44b0829b-4b134264-8fa39ea3-a107b5fcb1dd50257c8337aa"><ac:plain-text-body><![CDATA[
[[MITRE 2009|AA. Bibliography#MITRE 09]] [CWE ID 171|http://cwe.mitre.org/data/definitions/171.html] "Cleansing, Canonicalization, and Comparison Errors"
]]></ac:plain-text-body></ac:structured-macro>

CWE ID 647 "Use of Non-Canonical URL Paths for Authorization Decisions"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="83c9885eacf92220-08e12832-45b34775-b545a374-982a80bd8ef4dc65017c3e79"><ac:plain-text-body><![CDATA[
[[API 2006|AA. Bibliography#API 06]] [method getCanonicalPath()|http://java.sun.com/javase/6/docs/api/java/io/File.html#getCanonicalPath()]
]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="442c43ba94886bb9-43cee312-494a46fa-a1c3a7ee-54d950b6f6c51b9816e7da04"><ac:plain-text-body><![CDATA[
[[API 2006|AA. Bibliography#API 06]] [method getCanonicalFile()|http://java.sun.com/javase/6/docs/api/java/io/File.html#getCanonicalFile()]
]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7d05e72011d9b515-3db0f43e-482b472c-9987b08c-c784efa1856b3291bf0cbeb6"><ac:plain-text-body><![CDATA[
[[Harold 1999|AA. Bibliography#Harold 99]]
]]></ac:plain-text-body></ac:structured-macro>

...