Corgea LogoCorgea Security Hub

CWE-43: Path Equivalence: 'filename....' (Multiple Trailing Dot)

Learn about CWE-43 (Path Equivalence: 'filename....' (Multiple Trailing Dot)), its security impact, exploitation methods, and prevention guidelines.

What is Path Equivalence: 'filename....' (Multiple Trailing Dot)?

• Overview: Path Equivalence: 'filename....' (Multiple Trailing Dot) is a vulnerability where an application incorrectly handles file path inputs containing multiple trailing dots. This can lead to ambiguous interpretation of paths, potentially allowing attackers to navigate the file system in unintended ways.

• Exploitation Methods:

  • Attackers can exploit this vulnerability by crafting file paths with multiple trailing dots to bypass security checks or access restricted files.
  • Common attack patterns include directory traversal, where attackers use these paths to move beyond the intended directory scope to access sensitive files.

• Security Impact:

  • Direct consequences include unauthorized access to files, potentially leading to exposure of sensitive information.
  • Potential cascading effects involve the compromise of system integrity and security, allowing further attacks or data breaches.
  • Business impact may include loss of customer trust, legal consequences, and financial loss due to data breaches.

• Prevention Guidelines:

  • Specific code-level fixes include normalizing and validating all file paths before processing them to ensure they conform to expected formats.
  • Security best practices involve the use of strict input validation and sanitization to prevent malformed paths from being processed.
  • Recommended tools and frameworks include static analysis tools that can detect path handling issues and frameworks that provide robust file path handling utilities.
Corgea can automatically detect and fix Path Equivalence: 'filename....' (Multiple Trailing Dot) in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

import os

def read_file(filename):
    # Vulnerable to path equivalence attack using multiple trailing dots
    # An attacker could use 'secret.txt....' to bypass simple checks and access restricted files
    with open(os.path.join("/safe/directory", filename), 'r') as file:
        return file.read()

# Example usage
user_input = "secret.txt...."  # Malicious input that exploits the vulnerability
print(read_file(user_input))

In this vulnerable example, the code does not normalize or validate the input path. An attacker could exploit this by appending multiple trailing dots to a filename, potentially bypassing simplistic checks and accessing restricted files within the directory.

How to fix Path Equivalence: 'filename....' (Multiple Trailing Dot)?

To fix this vulnerability, it is essential to normalize the file paths and validate them correctly. This involves:

  1. Normalization: Use a library function like os.path.normpath to eliminate redundant separators and up-level references. This ensures that different representations of the same path are reduced to a canonical form.

  2. Validation: After normalization, check that the resolved path is still within the intended directory. This ensures that no directory traversal has occurred.

  3. Input Sanitization: Before building the path, sanitize input to remove any suspicious characters or patterns, such as multiple trailing dots.

By implementing these measures, you can prevent attackers from exploiting path equivalence to access unauthorized files.

Fixed Code Example

import os

def read_file(filename):
    # Normalize the path to prevent path equivalence attacks
    normalized_path = os.path.normpath(filename)

    # Sanitize input by removing trailing dots
    sanitized_path = normalized_path.rstrip('.')

    # Construct the absolute path and ensure it's within the safe directory
    full_path = os.path.join("/safe/directory", sanitized_path)
    
    # Validate the path to ensure the directory has not been escaped
    safe_directory = os.path.abspath("/safe/directory")
    absolute_full_path = os.path.abspath(full_path)
    if not absolute_full_path.startswith(safe_directory):
        raise ValueError("Invalid file path!")

    with open(full_path, 'r') as file:
        return file.read()

# Example usage
user_input = "secret.txt...."  # Malicious input will be sanitized
print(read_file(user_input))

In this fixed example, the code first normalizes and sanitizes the file path input, removing any trailing dots. It then constructs the full path and checks that it is still within the intended directory by comparing absolute paths, effectively preventing directory traversal attacks. This approach ensures that the application handles file paths securely and mitigates the risk of unauthorized file access.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-43: Path Equivalence: 'filename....' (Multiple Trailing Dot) and get remediation guidance

Start for free and no credit card needed.