Posted to issues@cordova.apache.org by "Joe Bowser (JIRA)" <ji...@apache.org> on 2017/08/17 20:46:00 UTC

[jira] [Resolved] (CB-13186) HP Fortify SCA - Dynamic Code Evaluation: Unsafe Deserialization issue in cordova-plugin-file/src/android/AssetFilesystem.java

     [ https://issues.apache.org/jira/browse/CB-13186?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joe Bowser resolved CB-13186.
-----------------------------
    Resolution: Not A Problem

How can the user interact with assets that are zipped and are packaged with the application? If the assets are already compromised, we have bigger issues than this bug.  This isn't user-facing code, and is dealing with Android's asset manager.  I highly suspect that this is a false positive picked up by HP Fortify looking for JSP bugs.


> HP Fortify SCA - Dynamic Code Evaluation: Unsafe Deserialization issue in cordova-plugin-file/src/android/AssetFilesystem.java
> ------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CB-13186
>                 URL: https://issues.apache.org/jira/browse/CB-13186
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: cordova-android, cordova-plugin-file
>    Affects Versions: 5.1.1
>         Environment: Android 4 (Crosswalk)
>            Reporter: GSS FED
>            Assignee: Joe Bowser
>
> Dynamic Code Evaluation: Unsafe Deserialization
> [https://vulncat.hpefod.com/en/detail?id=desc.structural.java.dynamic_code_evaluation_unsafe_deserialization]
> Abstract:
> At runtime, deserializing a user-controlled object stream can allow an attacker to execute arbitrary code on the server, abuse application logic, and/or cause a denial of service.
> Line: 56
> Snippet:
> {code:java}
> try {
>     ois = new ObjectInputStream(assetManager.open("cdvasset.manifest"));
>     listCache = (Map<String, String[]>) ois.readObject();
>     lengthCache = (Map<String, Long>) ois.readObject();
>     listCacheFromFile = true;
> {code}
> TargetFunction: FunctionCall: readObject()
> Line: 57
> Snippet:
> {code:java}
>     ois = new ObjectInputStream(assetManager.open("cdvasset.manifest"));
>     listCache = (Map<String, String[]>) ois.readObject();
>     lengthCache = (Map<String, Long>) ois.readObject();
>     listCacheFromFile = true;
> } catch (ClassNotFoundException e) {
> {code}
> TargetFunction: FunctionCall: readObject()
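For readers who want the manifest read to be scanner-clean regardless of the packaging argument, the following is a look-ahead deserialization wrapper for the snippet flagged above. It is an added example, not cordova-plugin-file code, and it assumes the manifest was written as java.util.HashMap instances holding String[] and Long values (the report does not state the concrete Map class).

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectStreamClass;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/* Added example, not cordova code. resolveClass() runs before any object is
 * instantiated, so a stream carrying a class descriptor outside the set the
 * manifest legitimately contains is rejected up front; that is the check the
 * Fortify rule is looking for. */
public final class ManifestObjectInputStream extends ObjectInputStream {
    // Assumption: the build step writes both maps as HashMap. Map<String, String[]>
    // needs HashMap and String[] (String itself is a stream token, not a class
    // descriptor); Map<String, Long> also needs Long and its serializable super Number.
    private static final Set<String> ALLOWED = new HashSet<>(Arrays.asList(
            HashMap.class.getName(),
            String[].class.getName(),   // "[Ljava.lang.String;"
            Long.class.getName(),
            Number.class.getName()));

    public ManifestObjectInputStream(InputStream in) throws IOException {
        super(in);
    }

    @Override
    protected Class<?> resolveClass(ObjectStreamClass desc)
            throws IOException, ClassNotFoundException {
        if (!ALLOWED.contains(desc.getName())) {
            throw new InvalidClassException(desc.getName(),
                    "class not permitted in asset manifest");
        }
        return super.resolveClass(desc);
    }

    /** Reads the listing map, then the length map, in the order the snippet uses. */
    @SuppressWarnings("unchecked")
    public static Map<?, ?>[] readManifest(InputStream raw)
            throws IOException, ClassNotFoundException {
        try (ManifestObjectInputStream ois = new ManifestObjectInputStream(raw)) {
            Map<String, String[]> listCache = (Map<String, String[]>) ois.readObject();
            Map<String, Long> lengthCache = (Map<String, Long>) ois.readObject();
            return new Map<?, ?>[] { listCache, lengthCache };
        }
    }
}
```

Pass `assetManager.open("cdvasset.manifest")` to `readManifest`; any other class in the stream raises InvalidClassException before construction rather than ClassNotFoundException after.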



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org