Improper limitation of a pathname to a restricted directory ('Path Traversal')
ID: scala.file.scala_file_rule_fileuploadfilename
Severity: low
Resource: File
Language: Scala
Description
The filename provided by the FileUpload API is client-controlled and can be tampered with to reference unauthorized files. The provided filename should be validated to ensure it is properly structured, contains no unauthorized path characters (e.g., / or \), and refers to an authorized file.
Rationale
The following code illustrates a vulnerable pattern detected by this rule:
import javax.servlet.http.HttpServletRequest
import org.apache.commons.fileupload.disk.DiskFileItemFactory
import org.apache.commons.fileupload.servlet.ServletFileUpload
import scala.collection.JavaConverters._

def handleFileCommon(req: HttpServletRequest): Unit = {
  val upload = new ServletFileUpload(new DiskFileItemFactory())
  val fileItems = upload.parseRequest(req)
  for (item <- fileItems.asScala) {
    // VULNERABLE: Improper limitation of a pathname to a restricted directory ('Path Traversal')
    // item.getName() is the client-supplied filename and is used without any validation
    println("Saving " + item.getName() + "...")
  }
}
Remediation
Validate the client-supplied filename before using it as described above (well-formed, no path separators, refers to an authorized file), and review the references below for detailed remediation guidance.
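A hardened version of the handler, added here as an example and not part of the rule's own text: it reduces the client name to a base name, whitelists its characters, and checks that the resolved target still lies directly inside the upload directory. The upload directory path and the allowed-name pattern are assumptions to adjust per deployment.

```scala
import java.nio.file.{Files, Path, Paths}
import javax.servlet.http.HttpServletRequest
import org.apache.commons.fileupload.disk.DiskFileItemFactory
import org.apache.commons.fileupload.servlet.ServletFileUpload
import scala.collection.JavaConverters._

object SafeUpload {
  // Assumed upload directory; normalised once so the containment check below is exact.
  private val uploadDir: Path = Paths.get("/var/app/uploads").toAbsolutePath.normalize()
  // Assumed whitelist: conservative characters, bounded length.
  private val allowedName = "^[A-Za-z0-9._-]{1,128}$".r

  /** Returns a safe target path for the client-supplied name, or None if it must be rejected. */
  def safeTarget(clientName: String): Option[Path] = {
    // Drop any directory component the client sent, whether '/' or '\' separated.
    val base = clientName.split("[/\\\\]").lastOption.getOrElse("").trim
    if (base.isEmpty || base == "." || base == ".." || allowedName.findFirstIn(base).isEmpty) {
      None
    } else {
      val target = uploadDir.resolve(base).normalize()
      // Containment check: the resolved file must be a direct child of uploadDir.
      if (target.startsWith(uploadDir) && target.getParent == uploadDir) Some(target) else None
    }
  }

  def handleFileSafe(req: HttpServletRequest): Unit = {
    val upload = new ServletFileUpload(new DiskFileItemFactory())
    for (item <- upload.parseRequest(req).asScala if !item.isFormField) {
      safeTarget(item.getName) match {
        case Some(target) =>
          // Files.copy without REPLACE_EXISTING fails rather than overwriting an existing file.
          Files.copy(item.getInputStream, target)
          println("Saved " + target.getFileName)
        case None =>
          println("Rejected upload with unsafe filename")
      }
    }
  }
}
```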
References
- OWASP Top 10 2021 - A01: Broken Access Control.