Hi all, I am currently working on a piece of code which, when I run a Snyk scan, gives me the error below: "Unsanitized input from a URL handled via "*File name" flows into moveItem, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files." In other words, the scanner is flagging that the path derived from the incoming `url` (and its `lastPathComponent`) is passed to `FileManager.moveItem(atPath:toPath:)` without any validation that the resulting destination stays inside the app's Documents directory.
sample code: func application(_ app: UIApplication, open url: URL, options: [UIApplication.OpenURLOptionsKey : Any] = [:]) -> Bool { hadClickOnUrl=true openUrl = url passwordProtetedFilePath = nil
ptxData = nil
//------------------------------New Code
var file:NSString = url.path as NSString
var guid = getGuidByFilePath(filepath: file as String)
let fileName = FileManager.default.displayName(atPath: file as String)
let isGuidAvailabe = DBManager.sharedInstance.iSGuidAlreadyAvilable(guid: guid, fileName: fileName)
if(!isGuidAvailabe){
// bundleIdentifier based on the QA or Production Environment
let bundleId = Bundle.main.bundleIdentifier
print("****************** BundleId based on the QA or Production Env ****************** \(bundleId!)")
if(file.contains(bundleId!)){
print("iCloud/Local Drive File")
let documentPaths:NSArray = NSSearchPathForDirectoriesInDomains(.documentDirectory, .userDomainMask, true) as NSArray
let documentPath:NSString = documentPaths.object(at: 0) as! NSString
let filename:NSString = url.lastPathComponent as NSString
let demoTxPath:NSString = NSString.init(format: "%@/%@", documentPath, filename)
let importedfilePath = "\(self.getPath())/Inbox/\(filename)"
//New : Check if Guid is already exsit in the DB.
//If file is not exist in the document folder then processed.
if (FileManager.default.fileExists(atPath: importedfilePath as String) != true ) {
if (FileManager.default.fileExists(atPath: demoTxPath as String) != true ) {
// copy the file from our bundle
do{
try FileManager.default.moveItem(atPath: file as String, toPath: demoTxPath as String)
//New document path Url
file = demoTxPath
openUrl = URL(fileURLWithPath: demoTxPath as String) //URL(string: "file:///private\(demoTxPath as String)")
guid = getGuidByFilePath(filepath: file as String)
}catch let error{
print("error is \(error)")
}
}else{
print(" iCloud Drive File") //but exist in iCloud Drive
let filename:NSString = url.lastPathComponent as NSString
let importedfilePath = "\(self.getPath())/\(filename)"
guid = getGuidByFilePath(filepath: importedfilePath as String)
}
}else {
guid = getGuidByFilePath(filepath: importedfilePath as String)
}// File is already exist based of the file name.
}else{
print("Not in iCloud Drive File") //but exist in iCloud Drive
let filename:NSString = url.lastPathComponent as NSString
let importedfilePath = "\(self.getPath())/Inbox/\(filename)"
guid = getGuidByFilePath(filepath: importedfilePath as String)
}
}
I would like to know how to mitigate this issue — specifically, how to validate or canonicalize the incoming file path (and the destination built from it) so that the move cannot escape the intended directory and the Snyk finding is resolved. I have tried every suggestion I could find online, but none of them resolved the finding. Any help would be greatly appreciated; thanks in advance.