...

As a suggestion, we recommend using a name such as “[technology].custom.library”.

Please refer to the technology-specific DTD for the available “library” attributes.

Custom Neutralization routines

As said above, a Neutralization Routine is a piece of code that guarantees that any tainted data received as input produces untainted data as output.

...

Once the routine is “declared”, it must be “marked” as a neutralization routine as follows. See the reference section for more details on how to declare a routine.

Examples

Let’s see some explained examples of custom neutralizations:

Example 1

In this example the method validate is a custom neutralization for a path from a source to a path traversal sink. The input of method validate is neutralized, and the output, referred to by argpos -1 (the return value), is untainted after the validation is executed. The next source code shows an example of how to use the neutralization.

Code Block (xml)
<!DOCTYPE library SYSTEM "library_metadata.dtd">
<library name="custom.libraries">
  <class name="com.mycompany.MyClass" kind="class" supertypes="com.mycompany.IMyClass">
    <method name="validate" signature="validate(java.lang.String)" match="name">
      <return type="java.lang.String"/>
      <neutralization argpos="-1" kind="path_traversal"/>
    </method>
  </class>
</library>
Code Block (java)
import com.mycompany.MyClass;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;

public class MyUtils {
    private static final File SAFE_DIR = new File("/var/app/safe"); // assumed base directory for file access

    public FileInputStream methodThatAccessToFileSystem(HttpServletRequest req) throws IOException {
        String inputFile = req.getParameter("file"); // inputFile tainted
        inputFile = MyClass.validate(inputFile + ".tmp"); // inputFile untainted after validation
        return new FileInputStream(SAFE_DIR.getAbsoluteFile() + inputFile);
    }
}
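The CNF above only tells the analyzer to trust the return value of validate; what makes the neutralization sound is the routine's own logic, since anything it lets through is reported as clean. As an added example (not the page's or the tool's code), here is one hypothetical implementation of com.mycompany.MyClass.validate(java.lang.String) for the path_traversal kind; the SAFE_DIR constant and its location are assumptions.

```java
package com.mycompany;

import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;

// Hypothetical implementation of the validate(java.lang.String) routine declared
// in the CNF above. Added illustration only; not the analyzer's or the page's code.
public final class MyClass {
    // Assumed base directory (the caller's SAFE_DIR in the page's example).
    private static final Path SAFE_DIR = Paths.get("/var/app/safe").toAbsolutePath().normalize();

    private MyClass() {}

    /**
     * Returns a relative file name that is guaranteed to resolve strictly inside
     * SAFE_DIR, or throws. Because the analyzer treats the return value as
     * untainted, every path that gets through must be one the application is
     * willing to open: reject empty/NUL names, absolute paths and anything that
     * normalizes to a location outside the base directory.
     */
    public static String validate(String input) {
        if (input == null || input.isEmpty() || input.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("empty or NUL-containing file name");
        }
        final Path candidate;
        try {
            candidate = Paths.get(input);
        } catch (InvalidPathException e) {
            throw new IllegalArgumentException("malformed file name", e);
        }
        if (candidate.isAbsolute()) {
            throw new IllegalArgumentException("absolute paths are not allowed");
        }
        // Resolve against the base and normalize so "a/../../etc/passwd" becomes a
        // concrete target, then confirm the target is still below SAFE_DIR.
        // (normalize() does not follow symlinks; if SAFE_DIR may contain symlinks,
        // use toRealPath() on an existing file instead.)
        Path resolved = SAFE_DIR.resolve(candidate).normalize();
        if (!resolved.startsWith(SAFE_DIR) || resolved.equals(SAFE_DIR)) {
            throw new IllegalArgumentException("path escapes the allowed directory");
        }
        // Hand back only the relative part; the caller joins it to SAFE_DIR,
        // e.g. with new File(SAFE_DIR.toFile(), returnedValue).
        return SAFE_DIR.relativize(resolved).toString();
    }
}
```

With this routine, "report.tmp" is returned unchanged while "../../etc/passwd.tmp" and "/etc/passwd.tmp" are rejected before any file is opened.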

Example 2

In the next example the neutralization only affects filesystem resources:

Code Block (xml)
<!DOCTYPE library SYSTEM "library_metadata.dtd">
<library name="custom.libraries">
  <class name="com.mycompany.CustomFile" kind="class" supertypes="java.io.File">
    <method name="sanitize" signature="sanitize()">
      <neutralization argpos="-2" kind="string" resource="filesystem"/>
    </method>
  </class>
</library>
Code Block (java)
import com.mycompany.CustomFile;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;

public class MyUtils {
  private static final File SAFE_DIR = new File("/var/app/safe"); // assumed base directory for file access

  public FileInputStream methodThatAccessToFileSystem(HttpServletRequest req) throws IOException {
    String inputFile = req.getParameter("file"); // inputFile tainted
    CustomFile file = new CustomFile(inputFile);
    file.sanitize(); // file untainted after sanitization
    return new FileInputStream(SAFE_DIR.getAbsoluteFile() + file);
  }
}

Reference

Structure of Custom Neutralization File (CNF)

...