Prevent command injection

이 제품은 선택한 Datadog 사이트에서 지원되지 않습니다. ().
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

ID: java-security/command-injection

Language: Java

Severity: Error

Category: Security

CWE: 78

Description

This rule detects command injection, a serious security vulnerability that occurs when an attacker is able to manipulate a command that the application executes. Command injection attacks can lead to data loss, corruption, or unauthorized access to sensitive system data.

Command injection vulnerabilities generally occur when user input is used unsanitized in a command that is executed by the application. In the non-compliant code samples, the user input is directly added to a command that is executed by the application, allowing an attacker to potentially execute arbitrary commands.

To avoid this vulnerability, user input should never be used directly in a command that is executed by the application. Instead, use safe APIs that allow you to execute commands without the risk of injection, or ensure that user input is properly sanitized before it is used. If you must use user input in a command, ensure that it is properly escaped or quoted to prevent the injection of additional commands.

Non-Compliant Code Examples

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class NonCompliant {
    public void doPost(HttpServletRequest request, HttpServletResponse response) {
        String param = "<default>";
        java.util.Enumeration<String> headers = request.getHeaders("X-Some-Header");

        java.util.List<String> argList = new java.util.ArrayList<String>("./script.sh");
        if (headers != null && headers.hasMoreElements()) {
            argList.add(java.net.URLDecoder.decode(headers.nextElement(), "UTF-8"));
        }

        ProcessBuilder pb = new ProcessBuilder();
        pb.command(argList);
    }
}

import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class NonCompliant2 {

    @PostMapping("/")
    public void handlePost(@RequestHeader("X-Some-Header") String headerValue) {
        java.util.List<String> argList = new java.util.ArrayList<String>("./script.sh");
        argList.add("-c");
        argList.add(headerValue);

        ProcessBuilder pb = new ProcessBuilder();
        pb.command(argList);
    }
}

Compliant Code Examples

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Compliant {
    public void doPost(HttpServletRequest request, HttpServletResponse response) {
        // Safe: using hardcoded command without user input
        ProcessBuilder pb = new ProcessBuilder();
        pb.command("ls", "-la");
    }
}
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

원활한 통합. Datadog Code Security를 경험해 보세요

Datadog Code Security