vuln-fix: Temporary Directory Hijacking or Information Disclosure

This fixes either Temporary Directory Hijacking, or Temporary Directory Local Information Disclosure. Weakness: CWE-379: Creation of Temporary File in Directory with Insecure Permissions Severity: High CVSSS: 7.3 Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.UseFilesCreateTempDirectory) Reported-by: Jonathan Leitschuh <[email protected]> Signed-off-by: Jonathan Leitschuh <[email protected]> Bug-tracker: JLLeitschuh/security-research#10 Co-authored-by: Moderne <[email protected]>
BulkSecurityGeneratorProjectV2 · Oct 4, 2022 · ef15e33 · ef15e33
1 parent 09b9480
commit ef15e33
Showing 1 changed file with 3 additions and 8 deletions.
diff --git a/.../java/org/wso2/carbon/automation/extensions/servers/tomcatserver/TomcatServerManager.java b/.../java/org/wso2/carbon/automation/extensions/servers/tomcatserver/TomcatServerManager.java
@@ -31,6 +31,7 @@
 import javax.servlet.ServletException;
 import java.io.File;
 import java.io.IOException;
+import java.nio.file.Files;
 
 public class TomcatServerManager {
     private final static Log log = LogFactory.getLog(TomcatServerManager.class);
@@ -120,13 +121,7 @@ private void handleException(Exception e) {
     }
 
     private File createBaseDirectory(String basedirLocal) throws IOException {
-        final File base = File.createTempFile("jaxrs-tmp-", "", new File(basedirLocal));
-        if (!base.delete()) {
-            throw new IOException("Cannot (re)create base folder: " + base.getAbsolutePath());
-        }
-        if (!base.mkdir()) {
-            throw new IOException("Cannot create base folder: " + base.getAbsolutePath());
-        }
+        final File base = Files.createTempDirectory(new File(basedirLocal).toPath(), "jaxrs-tmp-").toFile();
         return base;
     }
 
@@ -154,4 +149,4 @@ public void run() {
             log.error("Server startup failed :" + e.getMessage());
         }
     }
-}
+}