Expand file tree Collapse file tree 5 files changed +90
-1
lines changed Original file line number Diff line number Diff line change 3131 <dependency >
3232 <groupId >io.github.pixee</groupId >
3333 <artifactId >java-security-toolkit</artifactId >
34- <version >1.1.2 </version >
34+ <version >1.2.0 </version >
3535 </dependency >
3636 </dependencies >
3737 </dependencyManagement >
Original file line number Diff line number Diff line change 1+ package com .acme .jndi ;
2+
3+ import io .github .pixee .security .JNDI ;
4+ import jakarta .ws .rs .GET ;
5+ import jakarta .ws .rs .Path ;
6+ import jakarta .ws .rs .QueryParam ;
7+
8+ import javax .naming .Context ;
9+ import javax .naming .InitialContext ;
10+ import javax .naming .NamingException ;
11+
12+ @ Path ("/unsafe-jndi-lookup" )
13+ public class JNDIVulnFixed2 {
14+
15+ @ GET
16+ public String lookupResource (@ QueryParam ("resource" ) final String resource ) throws NamingException {
17+ Context ctx = new InitialContext ();
18+ Object obj = JNDI .limitedContext (ctx ).lookup (resource );
19+ return String .valueOf (obj );
20+ }
21+
22+
23+ }
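Review bot: Even with the lookup routed through `JNDI.limitedContext(ctx)` (which, as far as I can tell from the toolkit version pinned in this PR, restricts which name schemes may be resolved), line 18 still resolves a fully caller-controlled name and line 19 hands `String.valueOf(obj)` of whatever is bound there straight back in the HTTP response, so the endpoint remains an enumeration and information-disclosure surface for everything reachable in the container's namespace. A real fix should check `resource` against an allow-list of names the endpoint is meant to serve before the lookup, e.g. `if (resource == null || !ALLOWED_NAMES.contains(resource)) { throw new SecurityException("Illegal JNDI resource name: " + resource); }` with `ALLOWED_NAMES` a `private static final Set<String>`; the null check also matters because an absent `resource` query parameter arrives as null. Note that `JNDIVulnFixed3` in the same package registers the identical `@Path("/unsafe-jndi-lookup")`, which is ambiguous if both resources are deployed in one JAX-RS application. If these classes are deliberately partial fixes used as codemod fixtures, a class-level comment saying so would stop the next reader from treating `Fixed2` as the reference remediation.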
Original file line number Diff line number Diff line change 1+ package com .acme .jndi ;
2+
3+ import jakarta .ws .rs .GET ;
4+ import jakarta .ws .rs .Path ;
5+ import jakarta .ws .rs .QueryParam ;
6+
7+ import javax .naming .Context ;
8+ import javax .naming .InitialContext ;
9+ import javax .naming .NamingException ;
10+ import java .util .Set ;
11+ import java .util .regex .Pattern ;
12+
13+ @ Path ("/unsafe-jndi-lookup" )
14+ public class JNDIVulnFixed3 {
15+
16+ @ GET
17+ public String lookupResource (@ QueryParam ("resource" ) final String resource ) throws NamingException {
18+ Context ctx = new InitialContext ();
19+
20+ if (Pattern .compile ("^ldap://$" ).matcher (resource ).matches ()) {
21+ throw new SecurityException ("Illegal JNDI resource name: " + resource );
22+ }
23+ Object obj = ctx .lookup (resource );
24+ return String .valueOf (obj );
25+ }
26+ }
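Review bot: The guard on line 20 is ineffective: `^ldap://$` matches only the literal seven-character string `ldap://`, so every real payload (`ldap://attacker/x`, `LDAP://...`, `rmi://...`, `dns://...`, `ldaps://...`) falls through to the unrestricted `ctx.lookup(resource)` on line 23 and the endpoint is exactly as exploitable as before. It also throws a `NullPointerException` from `matcher(null)` when the `resource` query parameter is absent, and recompiles the `Pattern` on every request instead of holding it in a `static final`. A deny-list of schemes is the wrong shape here; restrict to the local namespace with an allow check such as `if (resource == null || !resource.startsWith("java:")) { throw new SecurityException("Illegal JNDI resource name: " + resource); }`, and drop the unused `java.util.Set` import on line 10. If this class is intentionally a weak-fix fixture for the codemod rather than a remediation, say so in a class-level comment so it is not mistaken for guidance.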
Original file line number Diff line number Diff line change 1+ package com .acme .sql ;
2+
3+ import jakarta .ws .rs .GET ;
4+ import jakarta .ws .rs .Path ;
5+ import jakarta .ws .rs .QueryParam ;
6+
7+ import java .sql .Connection ;
8+ import java .sql .SQLException ;
9+ import java .sql .Statement ;
10+
11+ @ Path ("/unsafe-sql-injection" )
12+ public class SQLInjectionVuln {
13+ @ GET
14+ public String lookupResource (Connection connection , @ QueryParam ("resource" ) final String resource ) throws SQLException {
15+ Statement statement = connection .createStatement ();
16+ statement .executeQuery ("select * from users where name = '" + resource + "'" );
17+ return "ok" ;
18+ }
19+ }
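Review bot: Line 16 concatenates the caller-supplied `resource` directly into the SQL text, which is a textbook SQL injection; the class name suggests this is a deliberately vulnerable fixture, but nothing in the file says so, so it reads like production code to a scanner triage or a new contributor. If it is a fixture, add a class-level comment such as `// Intentionally vulnerable fixture for codemod tests; never deploy this endpoint` and keep it out of any runtime deployment descriptor. Independently of the injection, the `Statement` on line 15 and the `ResultSet` returned by `executeQuery` are never closed, leaking a connection-scoped resource per request. The `Connection connection` method parameter will also not be supplied by JAX-RS without a custom provider, which reinforces that this is test scaffolding rather than a deployable resource.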
Original file line number Diff line number Diff line change 1+ package com .acme .sql ;
2+
3+ import jakarta .ws .rs .GET ;
4+ import jakarta .ws .rs .Path ;
5+ import jakarta .ws .rs .QueryParam ;
6+
7+ import java .sql .Connection ;
8+ import java .sql .PreparedStatement ;
9+ import java .sql .SQLException ;
10+ import java .sql .Statement ;
11+
12+ @ Path ("/unsafe-sql-injection" )
13+ public class SQLInjectionVulnFixed {
14+ @ GET
15+ public String lookupResource (Connection connection , @ QueryParam ("resource" ) final String resource ) throws SQLException {
16+ PreparedStatement statement = connection .prepareStatement ("select * from users where name = ?" );
17+ statement .setString (1 , resource );
18+ statement .executeQuery ();
19+ return "ok" ;
20+ }
21+ }
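Review bot: The `PreparedStatement` created on line 16 and the `ResultSet` from `executeQuery()` on line 18 are never closed, so the fixed version still leaks a JDBC resource on every request; wrap the statement in try-with-resources, `try (PreparedStatement statement = connection.prepareStatement("select * from users where name = ?")) {` … `}`, which closes the result set with it. The parameter binding itself is correct and resolves the injection from `SQLInjectionVuln`. Line 10 keeps an unused `import java.sql.Statement;` from the original and should be dropped. This class also reuses `@Path("/unsafe-sql-injection")` from `SQLInjectionVuln` in the same package, which is ambiguous if both are registered in one JAX-RS application; if that is intended for side-by-side fixtures, a one-line class comment noting it would help.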