You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by dk...@apache.org on 2022/11/19 01:32:51 UTC
[sling-org-apache-sling-auth-form] branch master updated: vuln-fix: Temporary File Information Disclosure
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-form.git
The following commit(s) were added to refs/heads/master by this push:
new e88381f vuln-fix: Temporary File Information Disclosure
new 03de5cd Merge pull request #6 from BulkSecurityGeneratorProjectV2/fix/JLL/temporary_file_local_information_disclosure
e88381f is described below
commit e88381f96d2daf5d038290275ca7e67b5380574a
Author: Jonathan Leitschuh <Jo...@gmail.com>
AuthorDate: Fri Nov 18 22:46:00 2022 +0000
vuln-fix: Temporary File Information Disclosure
This fixes temporary file information disclosure vulnerability due to the use
of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by
using the `Files.createTempFile()` method which sets the correct posix permissions.
Weakness: CWE-377: Insecure Temporary File
Severity: Medium
CVSSS: 5.5
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation)
Reported-by: Jonathan Leitschuh <Jo...@gmail.com>
Signed-off-by: Jonathan Leitschuh <Jo...@gmail.com>
Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/18
Co-authored-by: Moderne <te...@moderne.io>
---
src/test/java/org/apache/sling/auth/form/impl/TokenStoreTest.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/test/java/org/apache/sling/auth/form/impl/TokenStoreTest.java b/src/test/java/org/apache/sling/auth/form/impl/TokenStoreTest.java
index fad6038..b849ef9 100644
--- a/src/test/java/org/apache/sling/auth/form/impl/TokenStoreTest.java
+++ b/src/test/java/org/apache/sling/auth/form/impl/TokenStoreTest.java
@@ -8,6 +8,7 @@ import static org.junit.Assert.assertTrue;
import java.io.File;
import java.io.IOException;
import java.math.BigInteger;
+import java.nio.file.Files;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.time.Duration;
@@ -53,7 +54,7 @@ import org.junit.Test;
@Before
public void setup() throws IOException, InvalidKeyException, NoSuchAlgorithmException, IllegalStateException {
- tokenFile = File.createTempFile(getClass().getName(), "tokenstore");
+ tokenFile = Files.createTempFile(getClass().getName(), "tokenstore").toFile();
store = new TokenStore(tokenFile, SESSION_TIMEOUT_MSEC, DEFAULT_FAST_SEED);
encodedToken = store.encode(DEFAULT_EXPIRATION_TIME_MSEC, USER_ID);
}