Path Injection
Severity
High

User input flows into a file-opening call. Whoever controls that input can open any file readable by the application process, which may leak sensitive information. The input can be sanitized with the File.basename method.

Detector ID
ruby/path-traversal@v1.0
Category
Common Weakness Enumeration (CWE)
Tags
-

Noncompliant example

def render_modern_param_noncompliant
    page = params[:page]
    # Noncompliant: unsanitized user input is used in render file.
    render file: "/some/path/#{page}"
end

Compliant example

def render_modern_param_compliant
    page = params[:page]
    # Compliant: user input is sanitized before it is used in render file.
    render file: File.basename("/some/path/#{page}")
end
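The following is an added example, not code from the detector documentation. It replays the noncompliant and compliant constructions above on constructed `params[:page]` values so the effect of File.basename is visible, and adds a stricter containment check (an assumption of this example, not something the page prescribes) for the case where templates in subdirectories must stay reachable.

```ruby
# Added example: shows what File.basename does to a traversal attempt
# and a containment check based on File.absolute_path.
TEMPLATE_ROOT = "/some/path".freeze # base directory taken from the page

# Mirrors the noncompliant example: the untrusted value is spliced
# straight into the path, so "../" segments walk out of TEMPLATE_ROOT.
def unsafe_path(page)
  "#{TEMPLATE_ROOT}/#{page}"
end

# Mirrors the compliant example: File.basename keeps only the last path
# component, so directory separators and leading ".." segments vanish.
# Note that it does not normalise: a final component of ".." survives.
def basename_sanitized(page)
  File.basename("#{TEMPLATE_ROOT}/#{page}")
end

# Stricter alternative (assumed here, not on the page): resolve the
# candidate against the root and refuse anything that does not stay
# inside it. File.absolute_path is used instead of File.expand_path
# because the latter also expands a leading "~" to a home directory.
def contained_path(page)
  return nil if page.include?("\0") # File APIs reject embedded NULs
  root = File.absolute_path(TEMPLATE_ROOT)
  candidate = File.absolute_path(page, root)
  return nil unless candidate.start_with?(root + File::SEPARATOR)
  candidate
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs standing in for params[:page].
  ["index.html", "sub/page.html", "../../etc/passwd", "/etc/passwd", ".."].each do |page|
    puts "#{page.inspect}: unsafe=#{unsafe_path(page)} " \
         "basename=#{basename_sanitized(page)} contained=#{contained_path(page).inspect}"
  end
end
```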