Akiner Alkan

Reputation: 6882

Command Injection Vulnerability in Java

I am trying to run Microsoft Rdp application from code.

I have the following pseudo-code and SonarQube complains about Command Injection Vulnerability

String rdpFilePath = myObject.getRdpFilePath(); // get path of the .rdp settings file
ProcessBuilder processBuilder = new ProcessBuilder();
processBuilder.command("mstsc", rdpFilePath).start();

SonarQube Issue explanation is following:

-Potential Command Injection-
The highlighted API is used to execute a system command. 
If unfiltered input is passed to this API, it can lead to arbitrary command execution.

How can I filter my input, and how can I fix this security issue?

Upvotes: 1

Views: 4756

Answers (1)

berserkk

Reputation: 1007

Your sample is pretty safe. The one thing you should add here before executing mstsc is checking that the rdpFilePath file exists.

You have a security issue in the case where you put unfiltered user input as the 1st argument of the command method (sometimes the next arguments can be vulnerable too, if the program you want to run allows running commands itself). In such a case a user can execute arbitrary commands on the system.

Upvotes: 1
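The check the answer recommends, written out as an added example (this is not code from the question or the answer): the executable name stays a constant, and the only user-influenced value, the .rdp path, is canonicalised and confined to an allowed directory, confirmed to exist, and rejected if it is shaped like a command-line switch rather than a file name. The class name, the helper names and the allowed directory C:\rdp-profiles are assumptions made for the example.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;

/**
 * Added example: validates an .rdp settings file path before handing it to
 * mstsc, so the caller can only choose which approved settings file opens,
 * never which program runs or which switches it receives.
 */
public final class RdpLauncher {

    // Assumption for this example: .rdp files are only accepted from this directory.
    private static final Path ALLOWED_DIR =
            Paths.get("C:\\rdp-profiles").toAbsolutePath().normalize();

    private RdpLauncher() {}

    /**
     * Returns the canonical path of the settings file if it is acceptable,
     * otherwise throws IllegalArgumentException (or IOException if the
     * file does not exist, which is the existence check the answer asks for).
     */
    public static Path validateRdpPath(String rdpFilePath) throws IOException {
        if (rdpFilePath == null || rdpFilePath.isBlank()) {
            throw new IllegalArgumentException("empty path");
        }
        // Windows programs such as mstsc treat arguments beginning with '/'
        // as switches, so a "path" like "/admin" would change the program's
        // behaviour instead of naming a file. '-' is rejected on the same grounds.
        if (rdpFilePath.startsWith("/") || rdpFilePath.startsWith("-")) {
            throw new IllegalArgumentException("path looks like a command-line switch");
        }
        // Resolve relative to the allowed directory; toRealPath() follows
        // symlinks, collapses "..", and throws if the file is missing.
        Path candidate = ALLOWED_DIR.resolve(rdpFilePath).toRealPath();
        if (!candidate.startsWith(ALLOWED_DIR)) {
            throw new IllegalArgumentException("path escapes the allowed directory");
        }
        if (!candidate.getFileName().toString().toLowerCase().endsWith(".rdp")) {
            throw new IllegalArgumentException("not an .rdp file");
        }
        if (!Files.isRegularFile(candidate)) {
            throw new IllegalArgumentException("not a regular file");
        }
        return candidate;
    }

    /** The executable name is a constant; only the validated path comes from outside. */
    public static List<String> buildCommand(Path validated) {
        return List.of("mstsc", validated.toString());
    }

    public static Process launch(String rdpFilePath) throws IOException {
        Path validated = validateRdpPath(rdpFilePath);
        // ProcessBuilder passes each list element as its own argv entry. No shell
        // sits between this code and mstsc, so characters such as '&' or '|' in
        // the path are not interpreted as command separators.
        return new ProcessBuilder(buildCommand(validated)).start();
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample input; a real caller would pass the user's selection.
        String input = args.length > 0 ? args[0] : "office.rdp";
        System.out.println("launching with " + validateRdpPath(input));
        launch(input);
    }
}
```

The design point is that filtering the file name is secondary: what keeps this call safe is that the program name never comes from input and that no shell parses the argument list. The path checks exist to stop the remaining abuses of a single argument, pointing mstsc at a file outside the intended directory or feeding it a switch instead of a file.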
