detect CWE-113 with sink javax/servlet/http/HttpServletResponse.setHeader #354
Comments
I left #341 open on purpose, because it is really easy to implement and I was hoping for some hacktoberfest momentum to get new contributors. Header splitting should already be covered: find-sec-bugs/plugin/src/main/resources/injection-sinks/response-splitting.txt Lines 3 to 7 in 89182fb
@h3xstream I can take both #341 and #354.
@bradflood Cool 👍
Verified comment from @h3xstream that this issue appears to be covered by existing response splitting checks. My client is using find-sec-bugs 1.6, sonar-findbugs 3.6, and it's possible this was fixed after 1.6. I would like to keep this open until a version of sonar-findbugs is released containing this fix. It appears this fix is slotted for find-sec-bugs 1.8
If we look at the test cases we already have, it should be covered. The issue might not get reported if you only show normal and high priority. When FSB can't find the source, it will be reported as low. Header injection is almost a vulnerability of the past; the likelihood that your web server is vulnerable to header injection is low.
I will open a new ticket to verify if
Ref #461
This issue is similar to #341. It was found by IBM AppScan, which we are abandoning in favor of find-sec-bugs. The code below is notional, as I have not verified it. If I have time this weekend, I can submit a PR for this and #341.
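The sink this issue names, as an added Java example that is neither the project's code nor any commenter's: a request parameter flowing straight into `HttpServletResponse.setHeader`, which is the pattern the response-splitting sinks are meant to flag, beside a hardened version that rejects control characters before the value reaches the header. Class and method names are hypothetical.

```java
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

// Added example, not code from find-sec-bugs. Class and method names are
// hypothetical; only the sink (setHeader) and the CWE come from the issue.
public class RedirectServlet extends HttpServlet {

    // Vulnerable (CWE-113): the parameter reaches the setHeader sink unchanged.
    // With a visible source such as getParameter, FSB can rank the finding high;
    // when it cannot see the source it reports low, which is why the issue may
    // be hidden if only normal/high priority findings are shown.
    protected void doGetVulnerable(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        String next = req.getParameter("next");
        resp.setHeader("Location", next); // CR/LF inside 'next' would end this header
        resp.setStatus(HttpServletResponse.SC_FOUND);
    }

    // Hardened: refuse any value carrying CR, LF or other control characters,
    // so no user input can terminate the header line.
    static String headerSafe(String value) {
        if (value == null) {
            return null;
        }
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\r' || c == '\n' || c < 0x20 || c == 0x7f) {
                throw new IllegalArgumentException("control character in header value");
            }
        }
        return value;
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        String next = headerSafe(req.getParameter("next"));
        resp.setHeader("Location", next); // value validated before reaching the sink
        resp.setStatus(HttpServletResponse.SC_FOUND);
    }
}
```

Running find-sec-bugs over a class like this is a quick way to confirm whether the sink in `response-splitting.txt` fires in the version you have, and at which priority.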