From bf9fb4d09769b880b41be3b193db9b8c7326f20c Mon Sep 17 00:00:00 2001
From: Jonathan Leitschuh
Date: Wed, 27 Jul 2022 16:37:00 +0000
Subject: [PATCH] vuln-fix: Temporary Directory Hijacking or Information Disclosure

This fixes either Temporary Directory Hijacking, or Temporary Directory Local Information Disclosure.

Weakness: CWE-379: Creation of Temporary File in Directory with Insecure Permissions
Severity: High
CVSSS: 7.3
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.UseFilesCreateTempDirectory)

Reported-by: Jonathan Leitschuh
Signed-off-by: Jonathan Leitschuh
Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/10
Co-authored-by: Moderne
---
 .../git/jgit/JGitRepositoryTest.java | 24 +++++++------------
 .../mojo/AbstractGitMojoTest.java | 5 ++--
 2 files changed, 10 insertions(+), 19 deletions(-)

diff --git a/src/test/java/com/github/koraktor/mavanagaiata/git/jgit/JGitRepositoryTest.java b/src/test/java/com/github/koraktor/mavanagaiata/git/jgit/JGitRepositoryTest.java
index 02aaeb00..bdcfa977 100644
--- a/src/test/java/com/github/koraktor/mavanagaiata/git/jgit/JGitRepositoryTest.java
+++ b/src/test/java/com/github/koraktor/mavanagaiata/git/jgit/JGitRepositoryTest.java
@@ -76,10 +76,8 @@ void setup() {
 @DisplayName("should be able to create based on a worktree")
 @Test
 void testCreateWithWorkTree() throws Exception {
- File workTree = File.createTempFile("workTree", null);
- if (workTree.delete() && workTree.mkdir()) {
- workTree.deleteOnExit();
- }
+ File workTree = Files.createTempDirectory("workTree").toFile();
+ workTree.deleteOnExit();
 File gitDir = new File(workTree, DOT_GIT);
 if (gitDir.mkdir()) {
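Review bot: `workTree.deleteOnExit()` on the added line only takes effect if the directory is still empty at JVM exit — `File.delete()` refuses a non-empty directory — so anything the test later writes under workTree will leave the private temp directory behind; the `.git` subdirectory created two lines later is registered afterwards and therefore removed first, but files inside it are not. The switch to `Files.createTempDirectory` is the right fix: it creates the directory atomically with owner-only permissions on POSIX, closing the delete()/mkdir() window the removed lines had (on Windows it inherits the ACL of `java.io.tmpdir`, which is per-user by default). Since the class already uses JUnit Jupiter annotations (`@DisplayName`, `@Test`), a `@TempDir File workTree` parameter would give the same secure creation plus recursive cleanup, provided the project's JUnit version has it. The method body continues past the end of the hunk.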
@@ -125,10 +123,8 @@ void testCreateWithWorkTreeAndGitDir() throws Exception {
 @DisplayName("should be able to create based on a subdirectory of a worktree")
 @Test
 void testCreateWithWorkTreeChild() throws Exception {
- File workTree = File.createTempFile("workTree", null);
- if (workTree.delete() && workTree.mkdir()) {
- workTree.deleteOnExit();
- }
+ File workTree = Files.createTempDirectory("workTree").toFile();
+ workTree.deleteOnExit();
 File workTreeChild = new File(workTree, "child");
 if (workTreeChild.mkdir()) {
@@ -157,20 +153,16 @@ void testCreateWithWorkTreeChild() throws Exception {
 @DisplayName("should be able to create based on a linked worktree")
 @Test
 void testCreateWithLinkedWorktree() throws Exception {
- File realGitDir = File.createTempFile(DOT_GIT, null);
- if (realGitDir.delete() && realGitDir.mkdir()) {
- realGitDir.deleteOnExit();
- }
+ File realGitDir = Files.createTempDirectory(DOT_GIT).toFile();
+ realGitDir.deleteOnExit();
 File gitDir = new File(realGitDir, DOT_GIT + "/worktrees/test");
 if (gitDir.mkdir()) {
 gitDir.deleteOnExit();
 }
- File workTree = File.createTempFile("workTree", null);
- if (workTree.delete() && workTree.mkdir()) {
- workTree.deleteOnExit();
- }
+ File workTree = Files.createTempDirectory("workTree").toFile();
+ workTree.deleteOnExit();
 File originalGitDir = new File(workTree, DOT_GIT);
 Files.createFile(originalGitDir.toPath());
diff --git a/src/test/java/com/github/koraktor/mavanagaiata/mojo/AbstractGitMojoTest.java b/src/test/java/com/github/koraktor/mavanagaiata/mojo/AbstractGitMojoTest.java
index ccbe76e5..c19a1d30 100644
--- a/src/test/java/com/github/koraktor/mavanagaiata/mojo/AbstractGitMojoTest.java
+++ b/src/test/java/com/github/koraktor/mavanagaiata/mojo/AbstractGitMojoTest.java
@@ -10,6 +10,7 @@ import org.codehaus.plexus.util.FileUtils;
 import java.io.File;
+import java.nio.file.Files;
 import java.util.Properties;
 import org.apache.maven.plugin.MojoExecutionException;
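Review bot: `if (workTreeChild.mkdir()) {` two lines below the new `createTempDirectory` call still swallows a failed mkdir, so the test would run against a worktree without the child it is named for and pass or fail for the wrong reason; with the parent now guaranteed to exist the failure is unlikely, but a test should say so: `assertTrue(workTreeChild.mkdir());` followed by an unconditional `workTreeChild.deleteOnExit();`. The replacement of the `createTempFile`/`delete()`/`mkdir()` sequence itself is correct and removes the hijack window the removed lines had. The rest of the method is outside the hunk.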
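Review bot: `gitDir.mkdir()` is applied to `realGitDir/.git/worktrees/test`, but the new `Files.createTempDirectory(DOT_GIT)` line creates only realGitDir itself, so unless the intermediate `.git` and `worktrees` directories are created elsewhere, `mkdir()` returns false and the `if` silently skips — the linked-worktree layout the display name promises is never set up (DOT_GIT is presumably `.git`, judging by its use as the `.git` entry elsewhere in the hunk). This predates the commit (the removed lines had the same shape), but the secure-creation rewrite is the moment to make it fail loudly: `assertTrue(gitDir.mkdirs());`. The two `deleteOnExit()` calls on the added lines also only remove empty directories, so any content the test writes into realGitDir or workTree will persist in `java.io.tmpdir`; JUnit's `@TempDir` would cover both owner-only creation and recursive cleanup. The method continues past the hunk, so I cannot see how gitDir is used afterwards.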
@@ -179,9 +180,7 @@ void testInitErrorSkipNoGit() throws Exception {
 @DisplayName("should ignore errors when skipNoGit is set")
 @Test
 void testInitRepository() throws Exception {
- File baseDir = File.createTempFile("mavanagaiata-tests-baseDir", null);
- baseDir.delete();
- baseDir.mkdirs();
+ File baseDir = Files.createTempDirectory("mavanagaiata-tests-baseDir").toFile();
 FileUtils.forceDeleteOnExit(baseDir);
 File gitDir = File.createTempFile("mavanagaiata-tests-gitDir", null);
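Review bot: Only `baseDir` moves to `Files.createTempDirectory`; the last line of the hunk still creates `gitDir` with `File.createTempFile`, which is fine while gitDir stays a regular file (created 0600) but reintroduces the same delete()/mkdirs() race the commit closes for baseDir if the lines after the hunk turn it into a directory — worth checking, since the rest of the method is outside this view. Note also that this file cleans up with `FileUtils.forceDeleteOnExit(baseDir)`, which removes recursively, whereas the JGitRepositoryTest hunks rely on `File.deleteOnExit()`, which only deletes empty directories; aligning on the recursive variant (or JUnit's `@TempDir`) avoids leaving private temp directories behind. If gitDir does become a directory below, `File gitDir = Files.createTempDirectory("mavanagaiata-tests-gitDir").toFile();` is the matching one-line fix.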