[Esapi-user] Path Manipulation Validation
jim.manico at owasp.org
Sun Nov 14 04:35:36 EST 2010
> If I'm attempting to open a file, then it is my assumption that the
getValidFileName should be used. Is this assumption correct?
Saving a file, yes. But opening a file? It depends on the situation. Can you
tell us more about the architecture of the feature you are trying to fix?
When I write FileIO code with user-driven files, I try to never let user
data drive FileIO commands. For example, if the user is submitting a file
upload, I create a new random file name and save the file in a private
directory using this new file name that I created. I validate and use the
original file name just for a user reference. Make sense?
> When is a good time to use getValidDirectoryPath?
I can normally get away with never letting the user drive a path as well.
For example, I might create a folder based on the userId (a private internal
piece of data) lookup the file based on a fileID that I created at upload
time. But can you tell us more about this feature? It will be easier to
provide good advice.
From: esapi-user-bounces at lists.owasp.org
[mailto:esapi-user-bounces at lists.owasp.org] On Behalf Of Springett Steven
Sent: Monday, November 08, 2010 10:51 AM
To: esapi-user at lists.owasp.org
Subject: [Esapi-user] Path Manipulation Validation
I'm attempting to remove many path manipulation vulnerabilities in some
I've been playing with DefaultValidator and the getValidFileName and
getValidDirectoryPath methods and need some clarity.
If I'm attempting to open a file, then it is my assumption that the
getValidFileName should be used. Is this assumption correct? When is a good
time to use getValidDirectoryPath?
Also, I'm looking at the Javadoc for getValidDirectoryPath and there's a
parameter missing from the doc. Specifically, 'java.io.File parent'. What is
parent suppose to be? I'm a little confused. Is this the parent directory of
the directory I'm suppose to be checking? If so, then that doesn't make a
whole lot of sense, but perhaps I do not understand the reasoning.
Any clarification would be extremely helpful.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user