4.2.0 #2450
👋 @ajinabraham
perm_755 = stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH | ||
perm_644 = stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH | ||
# Set permissions for directories and files | ||
for item in base_path.rglob('*'): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. This can be achieved by normalizing the path using os.path.normpath and then checking that the normalized path starts with the root folder. This approach will prevent path traversal attacks by ensuring that the path does not escape the intended directory.
- Normalize the path using os.path.normpath.
- Check that the normalized path starts with the intended base directory.
- If the check fails, raise an exception or handle the error appropriately.
@@ -965,2 +965,6 @@ | ||
base_path = Path(path) | ||
base_dir = Path(settings.BASE_DIR) | ||
normalized_path = base_path.resolve() | ||
if not str(normalized_path).startswith(str(base_dir)): | ||
raise Exception("Path traversal attempt detected") | ||
perm_755 = stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH | ||
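Review bot: the containment check on the added lines compares a resolved path against an unresolved one and then uses a string prefix. `base_path.resolve()` follows symlinks, but `settings.BASE_DIR` is used as-is, so if BASE_DIR itself sits behind a symlink every legitimate path fails the check; and `startswith(str(base_dir))` also accepts a sibling such as `<BASE_DIR>_other`. Resolve both sides and compare components instead, e.g. `base_path.resolve().is_relative_to(Path(settings.BASE_DIR).resolve())` (or `os.path.commonpath`), and raise a more specific exception type than bare `Exception`.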
@@ -968,3 +972,3 @@ | ||
# Set permissions for directories and files | ||
for item in base_path.rglob('*'): | ||
for item in normalized_path.rglob('*'): | ||
try: |
context['appsec'] = get_android_dashboard(context, True) | ||
context['average_cvss'] = get_avg_cvss(context['code_analysis']) | ||
logcat_file = Path(app_dic['app_dir']) / 'logcat.txt' | ||
context['dynamic_analysis_done'] = logcat_file.exists() |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. We can achieve this by normalizing the path using os.path.normpath and then checking that the normalized path starts with the root folder. This will prevent any path traversal attacks.
- Normalize the logcat_file path using os.path.normpath.
- Check that the normalized path starts with the expected base directory (app_dic['app_dir']).
- If the check fails, raise an exception or handle the error appropriately.
@@ -5,2 +5,3 @@ | ||
from pathlib import Path | ||
import os | ||
|
||
@@ -263,3 +264,6 @@ | ||
logcat_file = Path(app_dic['app_dir']) / 'logcat.txt' | ||
context['dynamic_analysis_done'] = logcat_file.exists() | ||
normalized_logcat_file = Path(os.path.normpath(logcat_file)) | ||
if not str(normalized_logcat_file).startswith(str(Path(app_dic['app_dir']).resolve())): | ||
raise Exception("Invalid logcat file path") | ||
context['dynamic_analysis_done'] = normalized_logcat_file.exists() | ||
context['virus_total'] = None |
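Review bot: the unchanged line `context['dynamic_analysis_done'] = logcat_file.exists()` still runs before the new check, so the file system is probed with the unvalidated path and the assignment on the last added line is a second, redundant write; drop the first one. The check itself mixes `os.path.normpath` (no symlink resolution) on the left with `.resolve()` on the right, so if `app_dic['app_dir']` lives under a symlinked directory the strings never match and every scan raises. Since `logcat_file` is a constant filename joined onto `app_dir`, the useful validation is of `app_dir` where it is derived, not of this join.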
# Eclipse | ||
man = app_path / 'AndroidManifest.xml' | ||
src = app_path / 'src' | ||
if man.is_file() and src.exists(): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file paths are contained within a safe root directory. This can be achieved by normalizing the path and verifying that it starts with the expected base directory. Specifically, we will:
- Normalize the app_path using os.path.normpath.
- Check that the normalized path starts with the expected base directory.
@@ -456,4 +456,9 @@ | ||
|
||
def is_android_source(app_path): | ||
def is_android_source(app_path, base_dir): | ||
"""Detect Android Source and IDE Type.""" | ||
# Normalize and validate app_path | ||
app_path = Path(os.path.normpath(app_path)) | ||
if not str(app_path).startswith(str(base_dir)): | ||
raise Exception("Invalid app path") | ||
|
||
# Eclipse | ||
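Review bot: `os.path.normpath` on the first added line does not resolve symlinks, and `str(app_path).startswith(str(base_dir))` is a string prefix test, so `base_dir` followed by extra characters (a sibling directory) passes, while a relative `app_path` compared against an absolute `base_dir` always fails. Resolve both paths and compare components (`Path.is_relative_to` or `os.path.commonpath`). The new `raise` also changes the contract of `is_android_source` from classifying to failing, so callers that expect a tuple need to handle the exception.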
@@ -489,3 +494,4 @@ | ||
app_path = Path(app_dir) | ||
ide, is_and = is_android_source(app_path) | ||
base_dir = Path(settings.UPLD_DIR) | ||
ide, is_and = is_android_source(app_path, base_dir) | ||
|
||
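Review bot: changing the signature to `is_android_source(app_path, base_dir)` makes any caller not shown in this diff fail with a TypeError at runtime; grep for every call site before applying this. `Path(settings.UPLD_DIR)` is also passed un-normalized while the callee normalizes `app_path`, so the two sides of the prefix check are not on equal footing; resolve the base once here and pass the result.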
@@ -497,3 +503,3 @@ | ||
if subdir.is_dir() and subdir.exists(): | ||
ide, is_and = is_android_source(subdir) | ||
ide, is_and = is_android_source(subdir, base_dir) | ||
if ide: |
# Eclipse | ||
man = app_path / 'AndroidManifest.xml' | ||
src = app_path / 'src' | ||
if man.is_file() and src.exists(): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. We will normalize the path using os.path.normpath to remove any ".." segments and then check that the normalized path starts with the root folder. This will prevent path traversal attacks.
- Normalize the app_path using os.path.normpath.
- Check that the normalized app_path starts with the predefined base directory (settings.UPLD_DIR).
- If the check fails, raise an exception or handle the error appropriately.
@@ -5,2 +5,3 @@ | ||
from pathlib import Path | ||
import os | ||
|
||
@@ -488,3 +489,6 @@ | ||
|
||
app_path = Path(app_dir) | ||
app_path = Path(os.path.normpath(app_dir)) | ||
base_dir = Path(settings.UPLD_DIR).resolve() | ||
if not str(app_path.resolve()).startswith(str(base_dir)): | ||
raise Exception("Invalid app directory path") | ||
ide, is_and = is_android_source(app_path) |
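Review bot: `os.path.normpath(app_dir)` on the first added line is redundant once `app_path.resolve()` is called on the third, and resolving both sides is the right instinct; the remaining weakness is `str(...).startswith(str(base_dir))`, which accepts `<UPLD_DIR>_anything`. Use `app_path.resolve().is_relative_to(base_dir)` (Python 3.9+) or compare with `os.path.commonpath`. This is the same check another suggestion on this file places inside `is_android_source`; pick one location rather than validating on both sides of the call.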
man = app_path / 'app' / 'src' / 'main' / 'AndroidManifest.xml' | ||
java = app_path / 'app' / 'src' / 'main' / 'java' | ||
kotlin = app_path / 'app' / 'src' / 'main' / 'kotlin' | ||
if man.is_file() and (java.exists() or kotlin.exists()): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file paths are contained within a safe root directory. This can be achieved by normalizing the path using os.path.normpath and then checking that the normalized path starts with the intended base directory. This approach will prevent directory traversal attacks by ensuring that any ".." segments are resolved and the final path is within the allowed directory.
- Normalize the constructed path using os.path.normpath.
- Check that the normalized path starts with the base directory.
- Raise an exception or handle the error if the path is not within the allowed directory.
@@ -456,4 +456,11 @@ | ||
|
||
def is_android_source(app_path): | ||
def is_android_source(app_path, base_dir): | ||
"""Detect Android Source and IDE Type.""" | ||
def is_within_base_dir(path, base): | ||
return os.path.commonpath([path]) == os.path.commonpath([path, base]) | ||
|
||
# Normalize paths | ||
app_path = Path(os.path.normpath(app_path)) | ||
base_dir = Path(os.path.normpath(base_dir)) | ||
|
||
# Eclipse | ||
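Review bot: `is_within_base_dir` is inverted. `os.path.commonpath([path])` is just `path`, and `os.path.commonpath([path, base])` equals `path` only when `path` is an ancestor of `base`, so the helper returns False for a manifest legitimately inside `base_dir` and True when the manifest path is a parent of it. The correct test is `os.path.commonpath([path, base]) == str(base)` after resolving both, or `Path(path).resolve().is_relative_to(Path(base).resolve())`. The `os.path.normpath` calls below it also leave symlinks unresolved.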
@@ -461,3 +468,3 @@ | ||
src = app_path / 'src' | ||
if man.is_file() and src.exists(): | ||
if is_within_base_dir(man, base_dir) and man.is_file() and src.exists(): | ||
return 'eclipse', True | ||
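Review bot: the condition now checks `man` but not `src`, and both are joined onto the same `app_path`; validating `app_path` once at the top of the function covers every derived path, and with `is_within_base_dir` written as it is above the `man` check returns the wrong answer anyway.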
@@ -468,3 +475,3 @@ | ||
kotlin = app_path / 'app' / 'src' / 'main' / 'kotlin' | ||
if man.is_file() and (java.exists() or kotlin.exists()): | ||
if is_within_base_dir(man, base_dir) and man.is_file() and (java.exists() or kotlin.exists()): | ||
return 'studio', True | ||
@@ -481,3 +488,3 @@ | ||
|
||
def valid_source_code(checksum, app_dir): | ||
def valid_source_code(checksum, app_dir, base_dir): | ||
"""Test if this is a valid source code zip.""" | ||
@@ -489,3 +496,3 @@ | ||
app_path = Path(app_dir) | ||
ide, is_and = is_android_source(app_path) | ||
ide, is_and = is_android_source(app_path, base_dir) | ||
|
||
@@ -497,3 +504,3 @@ | ||
if subdir.is_dir() and subdir.exists(): | ||
ide, is_and = is_android_source(subdir) | ||
ide, is_and = is_android_source(subdir, base_dir) | ||
if ide: |
man = app_path / 'app' / 'src' / 'main' / 'AndroidManifest.xml' | ||
java = app_path / 'app' / 'src' / 'main' / 'java' | ||
kotlin = app_path / 'app' / 'src' / 'main' / 'kotlin' | ||
if man.is_file() and (java.exists() or kotlin.exists()): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. We can achieve this by normalizing the path using os.path.normpath and then checking that the normalized path starts with the root folder. This will prevent any path traversal attempts.
- Normalize the app_path using os.path.normpath.
- Check that the normalized app_path starts with the intended root directory (settings.UPLD_DIR).
- If the check fails, raise an exception or handle the error appropriately.
@@ -5,2 +5,3 @@ | ||
from pathlib import Path | ||
import os | ||
|
||
@@ -488,3 +489,6 @@ | ||
|
||
app_path = Path(app_dir) | ||
app_path = Path(os.path.normpath(app_dir)) | ||
root_dir = Path(settings.UPLD_DIR).resolve() | ||
if not str(app_path.resolve()).startswith(str(root_dir)): | ||
raise Exception("Invalid app directory path") | ||
ide, is_and = is_android_source(app_path) |
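Review bot: same check as the other suggestion for this site, with `root_dir` in place of `base_dir`; the `startswith` string-prefix test still accepts a sibling of `UPLD_DIR`, and `os.path.normpath` before `.resolve()` is redundant. Prefer `app_path.resolve().is_relative_to(root_dir)`. If `app_dir` is already constructed upstream as `UPLD_DIR` joined with a validated checksum, the right outcome is to keep that validation and dismiss this alert rather than add a second check here.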
man = app_path / 'app' / 'src' / 'main' / 'AndroidManifest.xml' | ||
java = app_path / 'app' / 'src' / 'main' / 'java' | ||
kotlin = app_path / 'app' / 'src' / 'main' / 'kotlin' | ||
if man.is_file() and (java.exists() or kotlin.exists()): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file paths are contained within a safe root folder. We can achieve this by normalizing the path using os.path.normpath and then checking that the normalized path starts with the root folder. This will prevent any path traversal attacks.
- Normalize the constructed paths using os.path.normpath.
- Check that the normalized paths start with the expected root folder.
- Raise an exception if the paths are not within the expected root folder.
@@ -456,4 +456,12 @@ | ||
|
||
def is_android_source(app_path): | ||
def is_android_source(app_path, root_path): | ||
"""Detect Android Source and IDE Type.""" | ||
# Normalize paths | ||
app_path = Path(os.path.normpath(app_path)) | ||
root_path = Path(os.path.normpath(root_path)) | ||
|
||
# Ensure paths are within the root directory | ||
if not str(app_path).startswith(str(root_path)): | ||
raise Exception("Path traversal detected") | ||
|
||
# Eclipse | ||
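Review bot: the check on the added lines normalizes both sides with `os.path.normpath` and then uses `startswith`; neither side is resolved, so a symlink under `root_path` that points elsewhere passes, and a relative `app_path` compared against an absolute `root_path` fails regardless of where it points. Compare `Path(app_path).resolve()` with `Path(root_path).resolve()` by component. Raising from a helper whose contract is to return `(ide, is_android)` also changes every caller's error handling.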
@@ -489,3 +497,3 @@ | ||
app_path = Path(app_dir) | ||
ide, is_and = is_android_source(app_path) | ||
ide, is_and = is_android_source(app_path, Path(settings.UPLD_DIR)) | ||
|
def move_to_parent(inside_path, app_path): | ||
"""Move contents of inside to app dir.""" | ||
for item in inside_path.iterdir(): | ||
shutil.move(str(item), str(app_path)) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. We will normalize the path using os.path.normpath and then check that the normalized path starts with the root folder. This will prevent directory traversal attacks and ensure that the file operations are performed within the intended directory.
- Normalize the app_path using os.path.normpath.
- Check that the normalized path starts with the expected base directory.
- If the check fails, raise an exception or handle the error appropriately.
@@ -476,2 +476,6 @@ | ||
"""Move contents of inside to app dir.""" | ||
app_path = Path(os.path.normpath(app_path)) | ||
base_dir = Path(settings.UPLD_DIR).resolve() | ||
if not str(app_path).startswith(str(base_dir)): | ||
raise Exception("Invalid path: outside of allowed directory") | ||
for item in inside_path.iterdir(): |
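Review bot: the check validates `app_path`, the destination, but the items being moved come from `inside_path`, which is not checked; and it compares `os.path.normpath(app_path)` (unresolved) with `base_dir.resolve()` (resolved), so the two strings differ whenever `UPLD_DIR` is reached through a symlink. Resolve both and use a component comparison, and apply it to `inside_path` as well, since `shutil.move(str(item), str(app_path))` in the unchanged loop reads from one and writes to the other.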
…race and update intent dumper
_, exc, _ = exc_info | ||
if exc.errno == errno.EACCES: # Permission error | ||
try: | ||
os.chmod(path, 0o777) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the path variable used in the onerror function is validated to prevent path traversal attacks. We can achieve this by normalizing the path and ensuring it is within a predefined safe directory.
- Normalize the path using os.path.normpath to remove any ".." segments.
- Check that the normalized path starts with the root directory of the application data.
@@ -59,6 +59,11 @@ | ||
_, exc, _ = exc_info | ||
safe_root = os.path.abspath('/path/to/safe/root') # Define the safe root directory | ||
normalized_path = os.path.normpath(path) | ||
if not normalized_path.startswith(safe_root): | ||
logger.error('Unsafe path detected: %s', path) | ||
return | ||
if exc.errno == errno.EACCES: # Permission error | ||
try: | ||
os.chmod(path, 0o777) | ||
func(path) | ||
os.chmod(normalized_path, 0o777) | ||
func(normalized_path) | ||
except Exception: | ||
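Review bot: `'/path/to/safe/root'` on the second added line is a placeholder that would ship as-is and make the handler return on every call. A more robust structure than a global root is to bind the handler to the directory being removed (a closure or `functools.partial` that receives the `rmtree` root) and check `path` against that root with a resolved, component-wise comparison. The silent `return` on mismatch also abandons the permission recovery that `onerror` exists for, so the `rmtree` leaves the tree half-deleted with only the logged error to show for it.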
@@ -67,3 +72,3 @@ | ||
try: | ||
func(path) | ||
func(normalized_path) | ||
except Exception: |
try: | ||
# Extract Device Data | ||
if not tar_loc.exists(): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to validate the tar_loc path before using it to open the tar file. We can achieve this by ensuring that the tar_loc path is contained within a safe root directory. This involves normalizing the path and checking that it starts with the expected base directory.
- Normalize the tar_loc path using os.path.normpath.
- Check that the normalized path starts with the expected base directory.
- Raise an exception if the path is not valid.
@@ -79,2 +79,6 @@ | ||
# Extract Device Data | ||
base_path = os.path.abspath(settings.UPLD_DIR) | ||
tar_loc = os.path.normpath(tar_loc) | ||
if not tar_loc.startswith(base_path): | ||
raise Exception('Invalid tar file location') | ||
if not tar_loc.exists(): |
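Review bot: `tar_loc = os.path.normpath(tar_loc)` rebinds `tar_loc` to a `str`, and the unchanged next line calls `tar_loc.exists()`, which only `pathlib.Path` provides; this raises AttributeError on every call. Keep it a Path: `tar_loc = Path(tar_loc).resolve()` and `base_path = Path(settings.UPLD_DIR).resolve()`, then `tar_loc.is_relative_to(base_path)`. The `startswith` prefix test as written also accepts `<UPLD_DIR>_x`.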
# Extract Device Data | ||
if not tar_loc.exists(): | ||
return False | ||
if untar_dir.exists(): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the untar_dir path is validated before it is used. We can achieve this by normalizing the path and checking that it is within a safe root directory. This approach will prevent directory traversal attacks by ensuring that the constructed path does not escape the intended directory.
- Normalize the untar_dir path using os.path.normpath.
- Check that the normalized path starts with the intended root directory.
- Raise an exception if the path is not within the intended directory.
@@ -81,2 +81,6 @@ | ||
return False | ||
# Normalize and validate untar_dir | ||
untar_dir = os.path.normpath(untar_dir) | ||
if not untar_dir.startswith(os.path.abspath(Path(untar_dir).parent)): | ||
raise Exception('Invalid untar_dir path') | ||
if untar_dir.exists(): |
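Review bot: the check on the added lines is a tautology: every path starts with its own parent directory, so `untar_dir.startswith(os.path.abspath(Path(untar_dir).parent))` can never fail (and it compares a normpath'd string with an abspath'd one). The base must be a fixed, trusted directory, not something derived from the value being validated. Separately, `untar_dir` becomes a `str` here and the unchanged `untar_dir.exists()` on the next line then raises AttributeError.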
return False | ||
if untar_dir.exists(): | ||
# fix for permission errors | ||
shutil.rmtree(untar_dir, onerror=onerror) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the untar_dir path is validated before it is used. We can achieve this by normalizing the path and ensuring it is contained within a predefined safe directory. This will prevent any path traversal attacks.
- Normalize the untar_dir path using os.path.normpath.
- Check that the normalized path starts with a predefined safe directory.
- Raise an exception if the path is not within the safe directory.
@@ -81,2 +81,7 @@ | ||
return False | ||
# Normalize and validate untar_dir | ||
safe_base_dir = os.path.abspath('/safe/base/directory') | ||
untar_dir = os.path.normpath(untar_dir) | ||
if not untar_dir.startswith(safe_base_dir): | ||
raise Exception('Invalid extraction directory') | ||
if untar_dir.exists(): |
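Review bot: `'/safe/base/directory'` is a placeholder that must be replaced before this is usable, and after `os.path.normpath` the unchanged `untar_dir.exists()` on the following line fails because `untar_dir` is now a `str`. Since the value then flows into `shutil.rmtree` (visible in the surrounding context), a wrong base here is worse than no check; derive `untar_dir` from a fixed root plus a validated identifier and compare resolved paths with `is_relative_to`.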
# fix for permission errors | ||
shutil.rmtree(untar_dir, onerror=onerror) | ||
else: | ||
os.makedirs(untar_dir) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the untar_dir path is validated before it is used to create directories or extract files. We can achieve this by normalizing the path and ensuring it is contained within a safe root directory. This approach will prevent directory traversal attacks by ensuring that the constructed path does not escape the intended directory.
- Normalize the untar_dir path using os.path.normpath.
- Check that the normalized path starts with the intended root directory.
- Raise an exception if the path validation fails.
@@ -81,2 +81,7 @@ | ||
return False | ||
# Normalize and validate untar_dir | ||
untar_dir = os.path.normpath(untar_dir) | ||
safe_root = os.path.normpath('/path/to/safe/root') # Define a safe root directory | ||
if not untar_dir.startswith(safe_root): | ||
raise Exception('Invalid extraction directory') | ||
if untar_dir.exists(): |
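Review bot: same shape as the two previous suggestions for this line: a `'/path/to/safe/root'` placeholder, a `str` rebinding that breaks the unchanged `untar_dir.exists()`, and a `startswith` prefix test on unresolved paths. Whichever variant is chosen, test it against a path inside the base, a sibling sharing the base's string prefix, and a symlink inside the base pointing out; only a resolved, component-wise comparison handles all three.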
@@ -62,7 +62,7 @@ | |||
sha1 = hashlib.sha1() | |||
sha256 = hashlib.sha256() | |||
block_size = 65536 | |||
with io.open(app_path, mode='rb') as afile: | |||
with open(app_path, mode='rb') as afile: |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the app_path is validated and sanitized before being used in file operations. This can be achieved by normalizing the path and ensuring it is within a predefined safe directory.
- Normalize the app_path using os.path.normpath to remove any ".." segments.
- Check that the normalized path starts with the expected base directory.
- If the path is not valid, raise an exception or handle the error appropriately.
@@ -64,2 +64,7 @@ | ||
block_size = 65536 | ||
# Validate and sanitize app_path | ||
base_path = os.path.join(settings.UPLD_DIR, checksum + '/') | ||
app_path = os.path.normpath(app_path) | ||
if not app_path.startswith(base_path): | ||
raise Exception("Invalid app_path") | ||
with open(app_path, mode='rb') as afile: | ||
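Review bot: `checksum` on the second added line does not appear in the visible context; this is the function that computes `sha1`/`sha256` over `app_path`, so a checksum is its output, not an input it can use to build `base_path`. Even with a valid base, `os.path.join(settings.UPLD_DIR, checksum + '/')` is not normalized while `app_path` is, and `startswith` is a string prefix test. Validate `app_path` against `Path(settings.UPLD_DIR).resolve()` with `is_relative_to`, and put the check in one helper rather than repeating it.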
@@ -85,2 +90,7 @@ | ||
files = [] | ||
# Validate and sanitize app_path | ||
base_path = os.path.join(settings.UPLD_DIR, checksum + '/') | ||
app_path = os.path.normpath(app_path) | ||
if not app_path.startswith(base_path): | ||
raise Exception("Invalid app_path") | ||
with zipfile.ZipFile(app_path, 'r') as zipptr: |
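Review bot: this is a copy of the block added in the previous hunk, with the same `checksum` that is not defined in the visible context and the same prefix test; a duplicated validation is a sign the check belongs in a single helper called at both sites, or better at the point where `app_path` is first derived from user input.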
'hash': md5_hash, | ||
}) | ||
# Walk through the directory | ||
for file_path in Path(src).rglob('*'): |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to validate the src parameter to ensure it does not contain any malicious input that could lead to path traversal vulnerabilities. The best way to do this is to normalize the path using os.path.normpath and then check that the normalized path starts with a predefined safe root directory. This ensures that the path is contained within a safe directory and does not traverse outside of it.
- Normalize the src path using os.path.normpath.
- Check that the normalized path starts with a predefined safe root directory.
- Raise an exception if the path is not within the safe root directory.
@@ -6,2 +6,3 @@ | ||
from pathlib import Path | ||
import os | ||
|
||
@@ -35,4 +36,14 @@ | ||
|
||
# Define a safe root directory | ||
safe_root = Path(settings.UPLD_DIR) | ||
|
||
# Normalize the src path | ||
normalized_src = Path(os.path.normpath(src)) | ||
|
||
# Check if the normalized path is within the safe root directory | ||
if not normalized_src.resolve().startswith(safe_root.resolve()): | ||
raise Exception("Path traversal attempt detected") | ||
|
||
# Walk through the directory | ||
for file_path in Path(src).rglob('*'): | ||
for file_path in normalized_src.rglob('*'): | ||
if (file_path.is_file() | ||
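Review bot: `normalized_src.resolve().startswith(...)` raises AttributeError, because `Path` objects have no `startswith`. Either convert with `str()` or, better, use `normalized_src.resolve().is_relative_to(safe_root.resolve())`, which compares path components rather than a string prefix and so also rejects `<UPLD_DIR>_other`. The `os.path.normpath` step is then unnecessary, since `resolve()` normalizes.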
@@ -48,3 +59,3 @@ | ||
# Append file details | ||
relative_path = file_path.relative_to(src) | ||
relative_path = file_path.relative_to(normalized_src) | ||
filez.append(str(relative_path)) |
out = subprocess.run(args, capture_output=True) | ||
except Exception: | ||
# Fails or PNG is not crushed | ||
shutil.copy2(icon_file, outfile.as_posix()) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to validate the paths constructed from user-controlled data before using them to access files. We will normalize the path using os.path.normpath and ensure that the resulting path is within a safe root directory. This will prevent directory traversal attacks and ensure that only intended files are accessed.
- Normalize the bin_path using os.path.normpath.
- Check that the normalized bin_path starts with the expected root directory.
- Apply similar validation to the icon_file path before using it.
@@ -30,3 +30,6 @@ | ||
append_scan_status(md5, msg) | ||
bin_path = os.path.join(bin_dir, binary + '.app') | ||
bin_path = os.path.normpath(os.path.join(bin_dir, binary + '.app')) | ||
if not bin_path.startswith(os.path.normpath(bin_dir)): | ||
logger.warning('App binary directory path traversal attempt detected') | ||
return | ||
if not is_dir_exists(bin_path): | ||
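Review bot: `bin_path` is `bin_dir` joined with `binary + '.app'`, so the only way it can leave `bin_dir` is through `..` segments in `binary`; the added `startswith(os.path.normpath(bin_dir))` test does not fully close that, because a `binary` value whose normalized form lands in a sibling directory sharing `bin_dir`'s string prefix still passes. Compare resolved paths with `is_relative_to`, or reject `binary` values containing a path separator or `..` at the boundary, which is simpler to reason about.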
@@ -38,3 +41,6 @@ | ||
return | ||
icon_file = icons.pop() | ||
icon_file = os.path.normpath(icons.pop()) | ||
if not icon_file.startswith(bin_path): | ||
logger.warning('App icon path traversal attempt detected') | ||
return | ||
outfile = Path(settings.DWD_DIR) / f'{md5}-icon.png' |
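Review bot: `icon_file` comes from `glob.glob` inside `bin_path`, so `icon_file.startswith(bin_path)` is always true and the added check is dead code; the unchanged `glob` call, not this comparison, determines which files can be picked. If the concern is `bin_path` itself, validating it in the previous hunk is sufficient.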
out = subprocess.run(args, capture_output=True) | ||
except Exception: | ||
# Fails or PNG is not crushed | ||
shutil.copy2(icon_file, outfile.as_posix()) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. We can achieve this by normalizing the path using os.path.normpath and then checking that the normalized path starts with the root folder. This will prevent any path traversal attacks and ensure that the file operations are performed within the intended directory.
- Normalize the outfile path using os.path.normpath.
- Check that the normalized path starts with the settings.DWD_DIR directory.
- If the check fails, raise an exception or handle the error appropriately.
@@ -40,2 +40,5 @@ | ||
outfile = Path(settings.DWD_DIR) / f'{md5}-icon.png' | ||
normalized_outfile = os.path.normpath(outfile) | ||
if not normalized_outfile.startswith(os.path.normpath(settings.DWD_DIR)): | ||
raise Exception("Invalid file path") | ||
app_dict['icon_path'] = outfile.name |
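Review bot: the validation result is never used: `normalized_outfile` is computed and checked, but the unchanged next line (and the later `shutil.copy2` in the surrounding context) keep using `outfile`. Since `outfile` is `settings.DWD_DIR / f'{md5}-icon.png'`, the only input that can influence it is `md5`; checking that `md5` is a 32-character hex string where it enters the view is both simpler and stronger than a post-hoc prefix check.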
shutil.copy2(icon_file, outfile.as_posix()) | ||
else: | ||
logger.warning('CgbiPngFix not available for %s %s', system, arch) | ||
shutil.copy2(icon_file, outfile.as_posix()) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file paths are validated before being used. We can achieve this by normalizing the paths and ensuring they are within a safe root directory. Specifically, we will:
- Normalize the bin_path and icon_file paths using os.path.normpath.
- Ensure that the normalized paths start with the expected root directory (bin_dir).
@@ -30,3 +30,6 @@ | ||
append_scan_status(md5, msg) | ||
bin_path = os.path.join(bin_dir, binary + '.app') | ||
bin_path = os.path.normpath(os.path.join(bin_dir, binary + '.app')) | ||
if not bin_path.startswith(os.path.normpath(bin_dir)): | ||
logger.warning('App binary directory path traversal detected') | ||
return | ||
if not is_dir_exists(bin_path): | ||
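Review bot: same check as the other suggestion for this hunk; `os.path.normpath` does not resolve symlinks, and `startswith` on the normalized string accepts a sibling of `bin_dir` with the same prefix. A resolved `is_relative_to` comparison, or rejecting path separators and `..` in `binary` before the join, is the fix to apply here.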
@@ -34,3 +37,3 @@ | ||
return | ||
icons = glob.glob(bin_path + '/AppIcon*png') | ||
icons = glob.glob(os.path.join(bin_path, 'AppIcon*png')) | ||
if not icons: | ||
@@ -38,3 +41,6 @@ | ||
return | ||
icon_file = icons.pop() | ||
icon_file = os.path.normpath(icons.pop()) | ||
if not icon_file.startswith(bin_path): | ||
logger.warning('App icon path traversal detected') | ||
return | ||
outfile = Path(settings.DWD_DIR) / f'{md5}-icon.png' |
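Review bot: with `icons` produced by `glob.glob` under `bin_path`, `icon_file.startswith(bin_path)` cannot be false, so the added check is dead; the switch to `os.path.join` in the previous hunk is a reasonable tidy-up but matches the same files as before.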
shutil.copy2(icon_file, outfile.as_posix()) | ||
else: | ||
logger.warning('CgbiPngFix not available for %s %s', system, arch) | ||
shutil.copy2(icon_file, outfile.as_posix()) |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
To fix the problem, we need to ensure that the constructed file path is safe and does not allow path traversal or access to unintended files. We can achieve this by normalizing the path and verifying that it is contained within a safe root directory.
- Normalize the outfile path using os.path.normpath to remove any ".." segments.
- Check that the normalized path starts with the root directory (settings.DWD_DIR).
- If the path is not within the root directory, raise an exception or handle the error appropriately.
@@ -40,2 +40,5 @@ | ||
outfile = Path(settings.DWD_DIR) / f'{md5}-icon.png' | ||
outfile = Path(os.path.normpath(outfile)) | ||
if not str(outfile).startswith(str(Path(settings.DWD_DIR))): | ||
raise Exception("Invalid file path") | ||
app_dict['icon_path'] = outfile.name |
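Review bot: `outfile` is rebound to `Path(os.path.normpath(outfile))` and compared by string prefix against an unresolved `Path(settings.DWD_DIR)`; as in the other suggestion for this site, `outfile` is built only from the configured directory and `md5`, so validating `md5` as hex at the boundary is the fix that actually constrains the path. If a containment check is kept, use `outfile.resolve().is_relative_to(Path(settings.DWD_DIR).resolve())`.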
app_dic['app_path'], | ||
app_dic['app_dir']) | ||
# Identify Payload directory | ||
dirs = app_dic['app_dirp'].glob('**/*') |
Check failure: Code scanning / CodeQL: Uncontrolled data used in path expression
Copilot Autofix AI 2 months ago
Copilot could not generate an autofix suggestion
Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.
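Every autofix above follows one recipe: os.path.normpath, then a str.startswith prefix test against the base directory. As an added example, not part of this PR or of MobSF's code, the script below builds a throwaway directory layout (constructed for the demo) and runs that recipe beside a resolve-then-is_relative_to check over four inputs: a legitimate file, a path with `..`, a sibling directory that shares the base's string prefix, and a symlink inside the base that points outside it. The function and directory names are the example's own.

```python
"""Containment checks compared: normpath+startswith versus resolve+is_relative_to.

Constructed example for review discussion; not MobSF code. It creates and
removes a temporary directory and needs symlink support (Linux/macOS).
"""
import os
import tempfile
from pathlib import Path


def naive_within(candidate: str, base: str) -> bool:
    """The pattern the autofix suggestions use: normalize, then string prefix."""
    return os.path.normpath(candidate).startswith(os.path.normpath(base))


def strict_within(candidate: str, base: str) -> bool:
    """Resolve symlinks and '..' on both sides, then compare path components.

    Path.is_relative_to needs Python 3.9+; on older versions
    os.path.commonpath([cand, base]) == base gives the same answer.
    """
    base_r = Path(base).resolve()
    cand_r = Path(candidate).resolve()
    return cand_r.is_relative_to(base_r)


def demo() -> dict:
    """Build a constructed layout under a temp dir and evaluate four inputs.

    <tmp>/uploads/                 the allowed base
    <tmp>/uploads/a.apk            a legitimate file
    <tmp>/uploads_other/           sibling dir sharing the string prefix
    <tmp>/secret/                  a directory outside the base
    <tmp>/uploads/link -> <tmp>/secret   symlink escaping the base

    Returns {case: (naive_result, strict_result)}.
    """
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, 'uploads')
        os.makedirs(base)
        Path(base, 'a.apk').write_bytes(b'constructed sample')
        sibling = os.path.join(tmp, 'uploads_other')
        os.makedirs(sibling)
        secret = os.path.join(tmp, 'secret')
        os.makedirs(secret)
        link = os.path.join(base, 'link')
        os.symlink(secret, link)

        cases = {
            # inside the base: both checks must accept
            'legit': os.path.join(base, 'a.apk'),
            # plain '..' escape: normpath collapses it, so both checks reject
            'dotdot': os.path.join(base, '..', 'secret', 'x'),
            # sibling with the same prefix: the prefix test wrongly accepts
            'sibling_prefix': os.path.join(sibling, 'x'),
            # symlink inside base pointing out: only resolve() sees through it
            'symlink_escape': os.path.join(link, 'x'),
        }
        for name, candidate in cases.items():
            results[name] = (naive_within(candidate, base),
                             strict_within(candidate, base))
    return results


if __name__ == '__main__':
    for name, (naive, strict) in demo().items():
        print(f'{name:15s} naive={naive!s:5s} strict={strict}')
```

Only the resolved, component-wise comparison rejects the sibling-prefix and symlink cases; normpath alone catches the plain `..` case and nothing else. That is the behaviour the review notes above refer to when they ask for `is_relative_to` or `os.path.commonpath` in place of `startswith`.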
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
LGTM, CodeQL findings are false positives.
Describe the Pull Request
- androguard.
- string_on_binary.
- AbstractVerifier.
- CertificateTransparencyInterceptor.
- django-q2-based asynchronous scans for Android and iOS binaries and source code.
- audit-webview.
- trace-javascript-interface.
- libsast for improved file reading, multiprocessing, and multithreading.
- httptools and libsast dependencies.

Checklist for PR
- tox -e lint,test
- StaticAnalyzer/tests.py

Additional Comments (if any)