Effectiveness of rules related to Java path traversal.
MarkLee131 opened this issue · 0 comments
Hi, I find that Horusec failed to detect all Java path traversal vulnerabilities when run on the OWASP Benchmark. Furthermore, I observed that there are only 3 rules (HS-JAVA-54, HS-JAVA-55, and HS-JAVA-56) to detect related vulnerabilities.
Taking HS-JAVA-54 as an instance, this regex seems to be too strict. To my understanding, it looks like this rule only checks for the code `javax.ws.rs.PathParam`, but there are many cases when using this package. For example, one may import it first by `import javax.ws.rs.Path` and then use it by `@javax.ws.rs.PathParam( )`.
```go
Expressions: []*regexp.Regexp{
	regexp.MustCompile(`(.*\@javax\.ws\.rs\.PathParam\(['|"]?\w+[[:print:]]['|"]?\).*)`),
	regexp.MustCompile(`(.*new File\(['|"]?.*,\s?\w+\).*)`),
},
```
What would you like to be added:
I am very interested in Horusec SAST, especially in Horusec-CLI Java, and hope to contribute to improving it. Looking forward to your kind reply!
Why is this needed:
This vulnerability is more common in the Java language. If improved, it will enhance the detection capability of the tool a lot.
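To make the gap concrete, here is an added example (not Horusec's code) that runs the HS-JAVA-54 expression quoted above against constructed Java snippets and compares it with a hypothetical broadened expression that also accepts the short `@PathParam(...)` form used after an import. The names `strictPathParam`, `relaxedPathParam` and `samples` are assumptions for this example.

```go
package main

import (
	"fmt"
	"regexp"
)

// HS-JAVA-54 as quoted in the issue: only the fully qualified annotation matches.
// Note that ['|"] is a character class containing ' , | and " (the | is literal there).
var strictPathParam = regexp.MustCompile(`(.*\@javax\.ws\.rs\.PathParam\(['|"]?\w+[[:print:]]['|"]?\).*)`)

// Hypothetical broadened expression (assumption, not a Horusec rule): the package
// prefix is optional, so @PathParam("x") after an import is also flagged.
var relaxedPathParam = regexp.MustCompile(`.*@(javax\.ws\.rs\.)?PathParam\s*\(\s*['"]?\w+['"]?\s*\).*`)

// Constructed Java method signatures used as sample input.
var samples = map[string]string{
	"qualified": `public Response get(@javax.ws.rs.PathParam("file") String file)`,
	"imported":  `public Response get(@PathParam("file") String file)`, // after import javax.ws.rs.PathParam
	"noparam":   `public Response get(String file)`,
}

// matches reports whether a single source line triggers the given rule expression.
func matches(re *regexp.Regexp, src string) bool {
	return re.MatchString(src)
}

// missedByStrict lists samples the relaxed expression flags but the strict one does not.
func missedByStrict() []string {
	var missed []string
	for _, name := range []string{"qualified", "imported", "noparam"} {
		src := samples[name]
		if matches(relaxedPathParam, src) && !matches(strictPathParam, src) {
			missed = append(missed, name)
		}
	}
	return missed
}

func main() {
	for _, name := range []string{"qualified", "imported", "noparam"} {
		src := samples[name]
		fmt.Printf("%-9s strict=%-5v relaxed=%v\n", name,
			matches(strictPathParam, src), matches(relaxedPathParam, src))
	}
	fmt.Println("missed by strict rule:", missedByStrict())
}
```

Running it prints that only the "imported" sample is missed by the strict rule, which is the case described in the issue.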