Traversal.FileModule Issue.

nccgroup / sobelow

Security-focused static analysis for the Phoenix Framework

Apache License 2.0

1.66k stars 92 forks source link

Traversal.FileModule Issue. #114

Closed apoorv-2204 closed 1 year ago

apoorv-2204 commented 1 year ago

defp recover_path(), do: Utils.mut_dir("slot_backup")

  defp backup_slot(slot) do
    content = serialize(slot)

    recover_path()
    |> File.write!(content, [:append, :binary])
  end

   content = File.read!(recover_path())

Path to file is being collected from a function call, which appends the path around, sobelow , still reports it as as Issue. For FileRead , write.

houllette commented 1 year ago

Closing this issue in favor of older, similar issue. Have noted this particular case in that issue to keep track of it and make sure this still keeps addressed 🙂