running semgrep on pygoat
```
❯❱ python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join
   Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability,
   which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or
   os.path.realpath or Path library.
   Details: https://sg.run/Dovo

   916┆ file=request.POST["blog"]
   917┆ try :
   918┆     dirname = os.path.dirname(__file__)
   919┆     filename = os.path.join(dirname, file)
   920┆     file = open(filename,"r")
   921┆     data = file.read()
   922┆     return render(request,"Lab/ssrf/ssrf_lab.html",{"blog":data})
   923┆ except:
   924┆     return render(request, "Lab/ssrf/ssrf_lab.html", {"blog": "No blog found"})
```
I don't believe we currently have a codemod for this pattern, but we could deterministically try to implement the suggestion semgrep is giving us.
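For reference, a hardened form of the flagged pattern, added here as an example (not code from pygoat or from this project): the request-controlled name is still joined onto the module directory, but the result is resolved with `os.path.realpath` and rejected unless it stays inside that directory. The base directory, blog names and file contents below are constructed for the demo.

```python
import os
import tempfile


def safe_join(base_dir: str, untrusted_name: str) -> str:
    """Join an untrusted filename onto base_dir and return the resolved path,
    raising ValueError if the result escapes base_dir (the mitigation the
    semgrep rule suggests)."""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, untrusted_name))
    # Note: os.path.join() drops `base` entirely when untrusted_name is an
    # absolute path, so the containment check must run on the joined result.
    # commonpath() avoids the "/srv/blogs" vs "/srv/blogs-old" prefix mistake
    # that a plain startswith() check would make.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path traversal rejected: {untrusted_name!r}")
    return candidate


def is_safe(base_dir: str, untrusted_name: str) -> bool:
    """Boolean wrapper around safe_join for tests and logging."""
    try:
        safe_join(base_dir, untrusted_name)
        return True
    except ValueError:
        return False


def read_blog(base_dir: str, blog_name: str) -> str:
    """Hardened equivalent of the view body: same fallback text on failure,
    but a traversal attempt can no longer read files outside base_dir."""
    try:
        with open(safe_join(base_dir, blog_name), "r") as fh:
            return fh.read()
    except (ValueError, OSError):
        return "No blog found"


def demo() -> tuple:
    """Constructed scenario: one legitimate blog file, then a traversal
    attempt against a file that exists outside the blog directory."""
    with tempfile.TemporaryDirectory() as root:
        blogs = os.path.join(root, "blogs")
        os.mkdir(blogs)
        with open(os.path.join(blogs, "post1.txt"), "w") as fh:
            fh.write("hello")
        with open(os.path.join(root, "secret.txt"), "w") as fh:
            fh.write("SECRET")
        return read_blog(blogs, "post1.txt"), read_blog(blogs, "../secret.txt")
```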