René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Codemod: path-traversal-join Semgrep","articleBody":"running semgrep on pygoat\r\n```\r\n ❯❱ python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join\r\n          Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability,\r\n          which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or       \r\n          os.path.realpath or Path library.                                                                   \r\n          Details: https://sg.run/Dovo                                                                        \r\n                                                                                                              \r\n          916┆ file=request.POST[\"blog\"]\r\n          917┆ try :\r\n          918┆     dirname = os.path.dirname(__file__)\r\n          919┆     filename = os.path.join(dirname, file)\r\n          920┆     file = open(filename,\"r\")\r\n          921┆     data = file.read()\r\n          922┆     return render(request,\"Lab/ssrf/ssrf_lab.html\",{\"blog\":data})\r\n          923┆ except:\r\n          924┆     return render(request, \"Lab/ssrf/ssrf_lab.html\", {\"blog\": \"No blog found\"})\r\n   \r\n```\r\n\r\nI don't believe we currently have a codemod for this pattern, but we could use deterministically try to implement the suggestion semgrep is giving us.","author":{"url":"https://github.com/clavedeluna","@type":"Person","name":"clavedeluna"},"datePublished":"2024-07-01T11:50:50.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/685/codemodder-python/issues/685"}