Skip to content

Commit

Permalink
Add mkdirs check
Browse files Browse the repository at this point in the history
  • Loading branch information
JLLeitschuh committed Dec 8, 2020
1 parent e0b0f91 commit 1b216f8
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ private class MethodFileSystemFileCreation extends Method {
MethodFileSystemFileCreation() {
getDeclaringType() instanceof TypeFile and
(
hasName("mkdir") or
hasName(["mkdir", "mkdirs"]) or
hasName("createNewFile")
)
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,11 @@ void vulnerableFileCreateTempFileMkdirTainted() {
tempDirChild.mkdir();
}

void vulnerableFileCreateTempFileMkdirsTainted() {
File tempDirChild = new File(System.getProperty("java.io.tmpdir"), "/child");
tempDirChild.mkdir();
}

void vulnerableFileCreateTempFilesWrite1() {
File tempDirChild = new File(System.getProperty("java.io.tmpdir"), "/child");
Files.write(tempDirChild.toPath(), Arrays.asList("secret"), StandardCharsets.UTF_8, StandardOpenOption.CREATE);
Expand Down

0 comments on commit 1b216f8

Please sign in to comment.