1

How could I solve this problem in that code. I've tried some approaches, but I couldn't pass the checkmarx test (system used to perform the scan)

FinalUploadFolder comes from the WebConfig file, which is where the files are saved

public FileResult Index(string attachedFile)
   {
       string rootPath = System.Configuration.ConfigurationManager.AppSettings.Get("FinalUploadFolder");
       byte[] file= System.IO.File.ReadAllBytes(string.Format(Path.Combine(rootPath, attachedFile.ToString())));
       return File(file, System.Net.Mime.MediaTypeNames.Application.Octet, attachedFile.ToString());         
   }
4

1 回答 1

0

验证和清理输入是一种安全的编码最佳实践。Checkmarx 有很多“消毒剂”,Path.GetFilename 就是其中之一。

另外,我相信 attachFile 是 Checkmarx 更可能关心的,并且有可能将恶意输入传递到参数中。因此,请尝试使用以下内容更改您的代码:

public FileResult Index(string attachedFile)
   {
       attachedFile = Path.GetFileName(attachedFile);
       string rootPath = System.Configuration.ConfigurationManager.AppSettings.Get("FinalUploadFolder");
       byte[] file= System.IO.File.ReadAllBytes(string.Format(Path.Combine(rootPath, attachedFile.ToString())));
       return File(file, System.Net.Mime.MediaTypeNames.Application.Octet, attachedFile.ToString());         
   }
于 2021-03-04T03:44:38.407 回答