Skip to content

Commit

Permalink
Add compliant and noncompliant examples of java/unrestricted-file-upl…
Browse files Browse the repository at this point in the history 
…oad@v1.0
  • Loading branch information
@karmakri
karmakri committed Dec 14, 2023
1 parent 66d7cab commit 1fe57aa
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion src/java/detectors/unrestricted_file_upload/UnrestrictedFileUpload.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,14 @@
import java.util.HashMap;
import org.springframework.util.StringUtils;
import javax.servlet.ServletException;
import javax.servlet.http.Part;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;

public class UnrestrictedFileUpload {

// {fact rule=unrestricted-file-upload@v1.0 defects=1}
public void unrestrictedFileUploadNoncompliant(HttpServletRequest request) {
public void unrestrictedFileUploadNoncompliant(HttpServletRequest request, HttpServletResponse response) {
Part filePart = request.getPart("fileToUpload");
InputStream fileInputStream = filePart.getInputStream();
// Noncompliant: the uploaded file can have any extension.
Expand Down

0 comments on commit 1fe57aa

Please sign in to comment.