Potential code injection when using Spring Expression

This product is not supported for your selected Datadog site. ().
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Metadata

ID: java-security/spring-expression-injection

Language: Java

Severity: Warning

Category: Security

CWE: 94

Related CWEs:

Description

A Spring expression is built on a dynamic value using an input string. The source should be checked to ensure there is no injection.

Learn More

Non-Compliant Code Examples

class MyClass {
    public void parseExpressionInterface(Person personObj,String property) {

        ExpressionParser parser = new SpelExpressionParser();

        //Unsafe if the input is control by the user..
        Expression exp = parser.parseExpression(property+" == 'Albert'");

        StandardEvaluationContext testContext = new StandardEvaluationContext(personObj);
        boolean result = exp.getValue(testContext, Boolean.class);
    }
}

Compliant Code Examples

class MyClass {
    public void parseExpressionInterface(Person personObj) {
        ExpressionParser parser = new SpelExpressionParser();
        // Safe: using hardcoded expression without user input
        Expression exp = parser.parseExpression("name == 'Albert'");
        StandardEvaluationContext testContext = new StandardEvaluationContext(personObj);
        boolean result = exp.getValue(testContext, Boolean.class);
    }
}
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

シームレスな統合。 Datadog Code Security をお試しください

Datadog Code Security