Unsanitized dynamic input in file path
- Rule ID: python_lang_path_traversal
- Languages: python
- Source: path_traversal.yml
Description
Using unsanitized dynamic input to determine file paths can allow attackers to gain access to files and folders outside of the intended scope. This vulnerability occurs when input provided by users is directly used to access the filesystem without proper validation or sanitization.
Remediations
- Do not directly use external input to construct file paths. This can lead to unauthorized file access.
- Do sanitize external input used in file paths. Use
os.path.normpath
to normalize paths and remove any redundant separators in order to prevent path traversal attacks.os.path.normpath(os.path.join(base_directory, user_input))
- Do use absolute path checks to confirm that the constructed path is within the expected directory
base = os.path.abspath(base_directory)
user_path = os.path.abspath(os.path.join(base_directory, user_input))
if user_path.startswith(base)
# Handle or reject the input
References
Associated CWE
OWASP Top 10
Configuration
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=python_lang_path_traversal
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=python_lang_path_traversal