The product receives data from an upstream component, but does not completely filter special elements before sending it to a downstream component.
N/A
Threat Mapped score: 0.0
Industry: Finiancial
Threat priority: Unclassified
N/A
N/A
| Phase | Note |
|---|---|
| Implementation | REALIZATION: This weakness is caused during implementation of an architectural security tactic. |
Intro: The following code takes untrusted input and uses a regular expression to filter "../" from the input. It then appends this result to the /home/user/ directory and attempts to read the file in the final resulting path.
Body: Since the regular expression does not have the /g global match modifier, it only removes the first instance of "../" it comes across. So an input value such as:
my $Username = GetUntrustedInput(); $Username =~ s/\.\.\///; my $filename = "/home/user/" . $Username; ReadAndSendFile($filename);