CWE-157: Failure to Sanitize Paired Delimiters
Learn about CWE-157 (Failure to Sanitize Paired Delimiters), its security impact, exploitation methods, and prevention guidelines.
What is Failure to Sanitize Paired Delimiters?
• Overview: Failure to Sanitize Paired Delimiters is a vulnerability where software does not correctly handle characters used to signify the start and end of grouped data, such as parentheses or brackets. This can lead to incorrect parsing or execution of code.
• Exploitation Methods:
- Attackers can exploit this vulnerability by injecting untrusted input that includes unsanitized delimiters, leading to malformed queries or data structures.
- Common attack patterns include SQL injection, script injection, and other code injection techniques where improperly handled delimiters are used to alter the intended logic.
• Security Impact:
- Direct consequences of successful exploitation include unauthorized data access, code execution, or application crashes.
- Potential cascading effects might involve system compromise, data corruption, or loss of data integrity.
- Business impact could be severe, leading to data breaches, financial loss, or damage to reputation.
• Prevention Guidelines:
- Specific code-level fixes include ensuring all input is properly sanitized and validated before use, especially when delimiters are involved.
- Security best practices involve employing input validation libraries and escaping functions designed to handle paired delimiters.
- Recommended tools and frameworks are those providing built-in security features for input sanitization, such as ORM frameworks for databases and templating engines that automatically escape delimiters.
Technical Details
Likelihood of Exploit: Not specified
Affected Languages: Not Language-Specific
Affected Technologies: Not specified
Vulnerable Code Example
Python Example
def process_user_input(user_input):
# Vulnerable code: The function directly includes user input into a JSON-like structure
# without properly handling paired delimiters. This can lead to malformed JSON structures.
# For example, a user input of '"data": "value"' could break the JSON structure by adding
# unexpected quotes or braces, leading to JSON parsing errors.
json_data = '{ "key": "' + user_input + '" }'
return json_data
user_input = input("Enter some data: ")
result = process_user_input(user_input)
print("Resulting JSON:", result)
How to fix Failure to Sanitize Paired Delimiters?
The issue here is that user input is directly inserted into a JSON-like structure without validation or sanitization, which can lead to malformed data if the input contains paired delimiters like quotes or braces. To fix this, we should use a proper JSON library to handle the serialization of user input safely. This ensures that any special characters in the input are properly escaped or encoded, maintaining the integrity of the JSON structure.
Fixed Code Example
import json
def process_user_input(user_input):
# Fixed code: Using the json library to safely encode user input into a JSON structure.
# This approach automatically handles special characters and paired delimiters, ensuring
# the JSON structure remains valid regardless of user input.
json_data = json.dumps({"key": user_input})
return json_data
user_input = input("Enter some data: ")
result = process_user_input(user_input)
print("Resulting JSON:", result)
In the fixed code, we import the json module and use json.dumps() to serialize the user input. This ensures that any special characters in the input are properly escaped, preventing issues with paired delimiters and maintaining the integrity of the JSON structure. This approach is a best practice for handling user input when constructing JSON data, as it avoids manual string concatenation and potential security vulnerabilities.