34 lines
1.4 KiB
Diff
34 lines
1.4 KiB
Diff
From 121a1bcbd68ef9b18ec0c0cdcc8ca0748fe08bdd Mon Sep 17 00:00:00 2001
|
||
From: unknown <u202012145@hust.edu.cn>
|
||
Date: Wed, 26 Apr 2023 21:44:16 +0800
|
||
Subject: [PATCH 05/11] fix CWE-23
|
||
|
||
collect_data.py直接使用命令行参数作为文件路径,可以被攻击者输入../访问上级目录,从而获取系统的敏感信息,或者写入任意文件(使用保存路径遍历文件名的恶意zip存档)。为了修复这一漏洞,我们采用了werzeug库中的secure_filename函数,这一函数会过滤掉文件路径中的所有危险字符,防范这一攻击方式。
|
||
---
|
||
atune_collector/collect_data.py | 2 ++
|
||
1 file changed, 2 insertions(+)
|
||
|
||
diff --git a/atune_collector/collect_data.py b/atune_collector/collect_data.py
|
||
index 3593db6..167141e 100755
|
||
--- a/atune_collector/collect_data.py
|
||
+++ b/atune_collector/collect_data.py
|
||
@@ -21,6 +21,7 @@ import time
|
||
import csv
|
||
|
||
from plugin.plugin import MPI
|
||
+from werkzeug.utils import secure_filename
|
||
|
||
|
||
class Collector:
|
||
@@ -112,6 +113,7 @@ if __name__ == "__main__":
|
||
ARG_PARSER.add_argument('-c', '--config', metavar='json',
|
||
default=default_json_path, help='input json path')
|
||
ARGS = ARG_PARSER.parse_args()
|
||
+ filename=secure_filename(ARGS.config)
|
||
with open(ARGS.config, 'r') as file:
|
||
json_data = json.load(file)
|
||
collector = Collector(json_data)
|
||
--
|
||
2.27.0
|
||
|