Description
This test takes an integer followed by a filename as input (int filename), and checks that the file exists, is in the current directory, and is not a symbolic link. However the weakness takes some time before opening the file allowing a time of check, time of use vulnerability. This vulnerability allows an attacker to replace the file with a symbolic link to a file outside of the current directory during the time between checking the file's validity and opening it.
Metadata
- Base program: Apache POI
- Source Taint: FILE_CONTENTS
- Data Type: ARRAY
- Data Flow: VAR_ARG_LIST
- Control Flow: INTERRUPT
Flaws
Test Suites
Documentation
Have any comments on this test case? Please, send us an email.