Missing protection against path traversal
- Rule ID: java_lang_path_traversal
- Languages: java
- Source: path_traversal.yml
Description
Allowing unsanitized user input in path resolution methods means an attacker could gain access to files and folders outside of the intended scope (path traversal).
Remediations
❌ Wherever possible, avoid constructing filepaths with user input
✅ Use Paths helpers to normalize filepaths. This removes unwanted patterns in the path such as \..\.. that could lead to path traversal attacks.
import java.io.File;
import java.nio.file.Path;
import java.nio.file.Paths;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.FilenameUtils;

public class Cls extends HttpServlet
{
    public void handleRequest(HttpServletRequest request, HttpServletResponse response)
    {
        String image = request.getParameter("user_profile_picture");
        // FilenameUtils.getName() drops any directory component from the user-supplied value;
        // normalize() then collapses "." and ".." segments before the path reaches the filesystem
        Path imagePath = Paths.get("user/profile/" + FilenameUtils.getName(image)).normalize();
        File file = new File(imagePath.toString());
    }
}
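The snippet above normalizes the path but does not verify where the normalized result ends up. The following standalone program is an added example (not Bearer's code or the rule's own snippet) showing the containment check that usually accompanies normalize(): the resolved path must still start with the intended base directory. The base directory and the sample inputs are assumptions constructed for the demonstration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;

public class SafePathResolver {
    // Intended scope (assumed value): every resolved path must stay beneath this directory
    private static final Path BASE = Paths.get("user/profile").toAbsolutePath().normalize();

    /**
     * Resolves a user-supplied file name against BASE and rejects any result
     * that escapes it, so ".." sequences and absolute paths never reach the filesystem API.
     */
    static Path resolveWithinBase(String userInput) {
        if (userInput == null || userInput.isEmpty()) {
            throw new IllegalArgumentException("empty file name");
        }
        // Resolve, then normalize: "sub/../../x" collapses before the containment check runs
        Path candidate = BASE.resolve(userInput).normalize();
        // startsWith compares whole name elements, so "user/profile-old" does not pass as "user/profile"
        if (!candidate.startsWith(BASE)) {
            throw new IllegalArgumentException("path escapes base directory: " + userInput);
        }
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one legitimate name, one that normalizes back inside BASE,
        // and two that must be rejected
        List<String> inputs = List.of(
            "avatar.png",
            "sub/../avatar.png",
            "../../etc/passwd",
            "/etc/passwd");
        for (String in : inputs) {
            try {
                System.out.println("ACCEPT " + in + " -> " + resolveWithinBase(in));
            } catch (IllegalArgumentException e) {
                System.out.println("REJECT " + in + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

Running it accepts the first two inputs and rejects the last two; the check works on the normalized path, not on the raw string, so it is not fooled by traversal sequences that are only visible after resolution.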
Resources
Associated CWE
OWASP Top 10
Configuration
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=java_lang_path_traversal
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=java_lang_path_traversal