vuln-fix: Temporary Directory Hijacking or Information Disclosure

This fixes either Temporary Directory Hijacking, or Temporary Directory Local Information Disclosure. Weakness: CWE-379: Creation of Temporary File in Directory with Insecure Permissions Severity: High CVSSS: 7.3 Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.UseFilesCreateTempDirectory) Reported-by: Jonathan Leitschuh <[email protected]> Signed-off-by: Jonathan Leitschuh <[email protected]> Bug-tracker: JLLeitschuh/security-research#10 Co-authored-by: Moderne <[email protected]>
JLLeitschuh · Jul 27, 2022 · bf9fb4d · bf9fb4d
1 parent d9af702
commit bf9fb4d
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 19 deletions.
diff --git a/src/test/java/com/github/koraktor/mavanagaiata/git/jgit/JGitRepositoryTest.java b/src/test/java/com/github/koraktor/mavanagaiata/git/jgit/JGitRepositoryTest.java
@@ -76,10 +76,8 @@ void setup() {
     @DisplayName("should be able to create based on a worktree")
     @Test
     void testCreateWithWorkTree() throws Exception {
-        File workTree = File.createTempFile("workTree", null);
-        if (workTree.delete() && workTree.mkdir()) {
-            workTree.deleteOnExit();
-        }
+        File workTree = Files.createTempDirectory("workTree").toFile();
+        workTree.deleteOnExit();
 
         File gitDir = new File(workTree, DOT_GIT);
         if (gitDir.mkdir()) {
@@ -125,10 +123,8 @@ void testCreateWithWorkTreeAndGitDir() throws Exception {
     @DisplayName("should be able to create based on a subdirectory of a worktree")
     @Test
     void testCreateWithWorkTreeChild() throws Exception {
-        File workTree = File.createTempFile("workTree", null);
-        if (workTree.delete() && workTree.mkdir()) {
-            workTree.deleteOnExit();
-        }
+        File workTree = Files.createTempDirectory("workTree").toFile();
+        workTree.deleteOnExit();
 
         File workTreeChild = new File(workTree, "child");
         if (workTreeChild.mkdir()) {
@@ -157,20 +153,16 @@ void testCreateWithWorkTreeChild() throws Exception {
     @DisplayName("should be able to create based on a linked worktree")
     @Test
     void testCreateWithLinkedWorktree() throws Exception {
-        File realGitDir = File.createTempFile(DOT_GIT, null);
-        if (realGitDir.delete() && realGitDir.mkdir()) {
-            realGitDir.deleteOnExit();
-        }
+        File realGitDir = Files.createTempDirectory(DOT_GIT).toFile();
+        realGitDir.deleteOnExit();
 
         File gitDir = new File(realGitDir, DOT_GIT + "/worktrees/test");
         if (gitDir.mkdir()) {
             gitDir.deleteOnExit();
         }
 
-        File workTree = File.createTempFile("workTree", null);
-        if (workTree.delete() && workTree.mkdir()) {
-            workTree.deleteOnExit();
-        }
+        File workTree = Files.createTempDirectory("workTree").toFile();
+        workTree.deleteOnExit();
 
         File originalGitDir = new File(workTree, DOT_GIT);
         Files.createFile(originalGitDir.toPath());

diff --git a/src/test/java/com/github/koraktor/mavanagaiata/mojo/AbstractGitMojoTest.java b/src/test/java/com/github/koraktor/mavanagaiata/mojo/AbstractGitMojoTest.java
@@ -10,6 +10,7 @@
 import org.codehaus.plexus.util.FileUtils;
 
 import java.io.File;
+import java.nio.file.Files;
 import java.util.Properties;
 
 import org.apache.maven.plugin.MojoExecutionException;
@@ -179,9 +180,7 @@ void testInitErrorSkipNoGit() throws Exception {
     @DisplayName("should ignore errors when skipNoGit is set")
     @Test
     void testInitRepository() throws Exception {
-        File baseDir = File.createTempFile("mavanagaiata-tests-baseDir", null);
-        baseDir.delete();
-        baseDir.mkdirs();
+        File baseDir = Files.createTempDirectory("mavanagaiata-tests-baseDir").toFile();
         FileUtils.forceDeleteOnExit(baseDir);
 
         File gitDir = File.createTempFile("mavanagaiata-tests-gitDir", null);