Skip to content

Commit

Permalink
Added File.stream/.stream! to Traversal check (#151)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jcowgar
jcowgar authored Jan 3, 2024
1 parent 052d1e0 commit 30b17cc
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
4 changes: 3 additions & 1 deletion lib/sobelow/traversal/file_module.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ defmodule Sobelow.Traversal.FileModule do
:mkdir,
:mkdir!,
:mkdir_p,
:mkdir_p!
:mkdir_p!,
:stream,
:stream!
]
@double_file_funcs [:cp, :copy, :cp!, :copy!, :cp_r, :cp_r!, :ln, :ln!, :ln_s, :ln_s!]

Expand Down
2 changes: 1 addition & 1 deletion test/traversal/file_module_test.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ defmodule SobelowTest.Traversal.FileModuleTest do
import Sobelow, only: [is_vuln?: 1]
alias Sobelow.Traversal.FileModule

@evil_funcs [:read, :read!, :write, :write!, :rm, :rm!, :rm_rf]
@evil_funcs [:read, :read!, :write, :write!, :rm, :rm!, :rm_rf, :stream, :stream!]

@double_evil_funcs [:cp, :cp!, :cp_r, :cp_r!, :ln, :ln!, :ln_s, :ln_s!]

Expand Down

0 comments on commit 30b17cc

Please sign in to comment.