Check for path traversal issue
This commit is contained in:
parent
74e60bab86
commit
f6e98894cf
1 changed files with 44 additions and 2 deletions
|
@ -137,12 +137,19 @@ class App():
|
||||||
)
|
)
|
||||||
|
|
||||||
#
|
#
|
||||||
# Deprecated usage of 'add_header' in nginx conf
|
# Analyze nginx conf
|
||||||
|
# - Deprecated usage of 'add_header' in nginx conf
|
||||||
|
# - Spot path traversal issue vulnerability
|
||||||
#
|
#
|
||||||
|
|
||||||
for filename in os.listdir(self.path + "/conf"):
|
for filename in os.listdir(self.path + "/conf"):
|
||||||
if not os.path.isfile(self.path + "/conf/" + filename):
|
# Ignore subdirs or filename not containing nginx in the name
|
||||||
|
if not os.path.isfile(self.path + "/conf/" + filename) or "nginx" not in filename:
|
||||||
continue
|
continue
|
||||||
|
|
||||||
|
#
|
||||||
|
# 'add_header' usage
|
||||||
|
#
|
||||||
content = open(self.path + "/conf/" + filename).read()
|
content = open(self.path + "/conf/" + filename).read()
|
||||||
if "location" in content and "add_header" in content:
|
if "location" in content and "add_header" in content:
|
||||||
print_warning(
|
print_warning(
|
||||||
|
@ -151,6 +158,41 @@ class App():
|
||||||
"and https://github.com/openresty/headers-more-nginx-module#more_set_headers )"
|
"and https://github.com/openresty/headers-more-nginx-module#more_set_headers )"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
#
|
||||||
|
# Path traversal issues
|
||||||
|
#
|
||||||
|
lines = open(self.path + "/conf/" + filename).readlines()
|
||||||
|
lines = [line.strip() for line in lines if not line.strip().startswith("#")]
|
||||||
|
# Let's find the first location line
|
||||||
|
location_line = None
|
||||||
|
path_traversal_vulnerable = False
|
||||||
|
lines_iter = lines.__iter__()
|
||||||
|
for line in lines_iter:
|
||||||
|
if line.startswith("location"):
|
||||||
|
location_line = line
|
||||||
|
break
|
||||||
|
# Look at the next lines for an 'alias' directive
|
||||||
|
if location_line is not None:
|
||||||
|
for line in lines_iter:
|
||||||
|
if line.startswith("location"):
|
||||||
|
# Entering a new location block ... abort here
|
||||||
|
# and assume there's no alias block later...
|
||||||
|
break
|
||||||
|
if line.startswith("alias"):
|
||||||
|
# We should definitely check for path traversal issue
|
||||||
|
# Does the location target ends with / ?
|
||||||
|
target = location_line.split()[-2]
|
||||||
|
if not target.endswith("/"):
|
||||||
|
path_traversal_vulnerable = True
|
||||||
|
break
|
||||||
|
if path_traversal_vulnerable:
|
||||||
|
print_warning(
|
||||||
|
"The nginx configuration appears vulnerable to path traversal as explained in "
|
||||||
|
"https://www.acunetix.com/vulnerabilities/web/path-traversal-via-misconfigured-nginx-alias/\n"
|
||||||
|
"To fix it, look at the first lines of the nginx conf of the example app : "
|
||||||
|
"https://github.com/YunoHost/example_ynh/blob/master/conf/nginx.conf"
|
||||||
|
)
|
||||||
|
|
||||||
def check_helper_consistency(self):
|
def check_helper_consistency(self):
|
||||||
"""
|
"""
|
||||||
check if ynh_install_app_dependencies is present in install/upgrade/restore
|
check if ynh_install_app_dependencies is present in install/upgrade/restore
|
||||||
|
|
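Review bot: Only the first `location` block of each nginx conf is inspected: the scan breaks out as soon as a second `location` line is seen (the "Entering a new location block ... abort here" branch), so an `alias` that sits in any later block is never checked and the warning is not emitted, even though that is exactly the misconfiguration the commit is meant to spot. `target = location_line.split()[-2]` also assumes the `{` is on the same line as the target; a `location` line with the brace on the next line yields `location` itself as the target, and a regex location (`~`, `~*`) is compared on its pattern, so the result can be a false positive or negative. Suggest tracking the current block while walking every line, and skipping any location line that does not have the expected `location [modifier] <target> {` shape rather than guessing; `iter(lines)` also reads better than `lines.__iter__()`, and the second `open()` could be dropped in favour of `content.splitlines()` from the lines above, since the file is already read once and neither handle is closed. The enclosing method's header is outside both hunks.
```python
# … unchanged: lines = [...] comment filtering …
path_traversal_vulnerable = False
location_line = None
for line in lines:
    if line.startswith("location"):
        # Remember the block we are in; a later block may hold the alias
        location_line = line
        continue
    if line.startswith("alias") and location_line is not None:
        tokens = location_line.split()
        # Only judge lines shaped like 'location [modifier] <target> {';
        # anything else is left alone rather than guessed at
        if len(tokens) < 3 or tokens[-1] != "{":
            continue
        if not tokens[-2].endswith("/"):
            path_traversal_vulnerable = True
            break
# … unchanged: print_warning when path_traversal_vulnerable …
```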