Following are the Checkmarx issue details for Unrestricted File Upload:
Source object: req (line 39)
Target object: getInputStream (line 41)
public class JWTLoginFilter extends AbstractAuthenticationProcessingFilter {
    //...
38  public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
39          throws AuthenticationException, IOException, ServletException
40  {
41      Entitlements creds = new ObjectMapper().readValue(req.getInputStream(), Entitlements.class);
        return getAuthenticationManager().authenticate(
                new UsernamePasswordAuthenticationToken(creds.getId(), "", Collections.emptyList()));
    }
    //...
}
The request object is what gets highlighted in the Checkmarx tool.
How do I properly validate, filter, escape, and/or encode user-controllable input to pass a Checkmarx scan?
Answer
This worked for me; Checkmarx passed this high vulnerability.
I used a combination of @reflexdemon's answer and @tgdavies's comment.
import java.io.IOException;
import java.util.Collections;
import java.util.stream.Collectors;
import org.owasp.encoder.Encode;            // OWASP Java Encoder
import com.fasterxml.jackson.databind.ObjectMapper;

// INPUT_LENGTH and MIMETYPE_TEXT_PLAIN_UTF_8 are constants defined elsewhere in the class (not shown).
@Override
public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res) throws IOException {
    // Route the header values through an encoder so the scanner sees a sanitizer on the taint path.
    int len = req.getContentLength();
    len = Integer.parseInt(Encode.forHtml(String.valueOf(len)));
    String type = req.getContentType();
    type = Encode.forHtml(type);

    Entitlements creds;
    if (len == INPUT_LENGTH && type.equals(MIMETYPE_TEXT_PLAIN_UTF_8)) {
        // Only parse the body when the length and content type match what the login expects.
        creds = new ObjectMapper().readValue(
                req.getReader().lines().collect(Collectors.joining(System.lineSeparator())),
                Entitlements.class);
    } else {
        creds = new Entitlements();
    }
    return getAuthenticationManager().authenticate(
            new UsernamePasswordAuthenticationToken(creds.getId(), "", Collections.emptyList()));
}
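The finding is about the raw request stream flowing unbounded into a deserializer. The following is an added example, not code from the question or the answer above, that keeps the same gating idea (content type and length) but enforces it on the actual read and validates the field that flows onward, rather than HTML-encoding an integer to satisfy the scanner. It assumes Spring Security on javax.servlet and Jackson 2.x; the `/login` path, the size and id limits, and the stand-in `Entitlements` class are hypothetical.

```java
// Added example: a login filter that bounds what it reads before handing it to Jackson.
// Assumes Spring Security 5.x (javax.servlet) and Jackson 2.x; limits below are hypothetical.
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.regex.Pattern;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;

import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

public class BoundedJwtLoginFilter extends AbstractAuthenticationProcessingFilter {

    // Hypothetical limits: a login body larger than this cannot be a credential document.
    private static final int MAX_BODY_BYTES = 4 * 1024;
    private static final int MAX_ID_LENGTH = 128;
    private static final Pattern ID_PATTERN =
            Pattern.compile("^[A-Za-z0-9._@-]{1," + MAX_ID_LENGTH + "}$");

    // Unknown JSON properties are an error, so the body cannot smuggle extra fields.
    private static final ObjectMapper MAPPER = new ObjectMapper()
            .configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true);

    public BoundedJwtLoginFilter() {
        super("/login"); // hypothetical filter path
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
            throws AuthenticationException, IOException {
        // 1. Reject anything that is not JSON before touching the body at all.
        String type = req.getContentType();
        if (type == null || !type.toLowerCase().startsWith("application/json")) {
            throw new AuthenticationServiceException("Unsupported content type");
        }
        // 2. The declared length is only an early reject; chunked bodies have none,
        //    so the real cap is enforced while reading.
        if (req.getContentLengthLong() > MAX_BODY_BYTES) {
            throw new AuthenticationServiceException("Login body too large");
        }
        byte[] body = readBounded(req.getInputStream(), MAX_BODY_BYTES);

        // 3. Deserialize into a closed type; a malformed document is an auth failure, not a 500.
        Entitlements creds;
        try {
            creds = MAPPER.readValue(body, Entitlements.class);
        } catch (IOException e) {
            throw new AuthenticationServiceException("Malformed login body", e);
        }
        // 4. Validate the one value that leaves this method instead of encoding it.
        String id = creds.getId();
        if (id == null || !ID_PATTERN.matcher(id).matches()) {
            throw new AuthenticationServiceException("Invalid id");
        }
        // Two-arg constructor: the token starts unauthenticated; the manager decides.
        return getAuthenticationManager().authenticate(
                new UsernamePasswordAuthenticationToken(id, ""));
    }

    /** Reads at most maxBytes from in and fails as soon as the stream exceeds it. */
    static byte[] readBounded(InputStream in, int maxBytes) throws IOException {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[1024];
        int n;
        while ((n = in.read(buf)) != -1) {
            if (out.size() + n > maxBytes) {
                throw new AuthenticationServiceException("Login body too large");
            }
            out.write(buf, 0, n);
        }
        return out.toByteArray();
    }

    /** Stand-in for the Entitlements type referenced on the page; only id is used here. */
    public static class Entitlements {
        private String id;
        public String getId() { return id; }
        public void setId(String id) { this.id = id; }
    }
}
```

The byte cap in `readBounded` is what actually restricts the "upload": `Content-Length` is client-supplied and absent for chunked transfer, so checking it alone leaves the deserializer reading an arbitrarily large stream. Whether a given scanner recognises this as a sanitizer depends on its rule set, but the behaviour is what the finding is really warning about.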