Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid false positive vulnerability for file upload location #125

Open
d3ep4k opened this issue May 22, 2020 · 1 comment
Open

Avoid false positive vulnerability for file upload location #125

d3ep4k opened this issue May 22, 2020 · 1 comment
Assignees
@richard937

Comments

@d3ep4k
Copy link
Contributor

d3ep4k commented May 22, 2020
edited
Loading

SonarSource/sonar-dotnet#1865

Change the variable name to uploadFileLocation from uploadFilePath in UploaderService.java

String uploadFilePath = System.getProperty("catalina.base") + File.separator + UPLOAD_DIR + request.getContextPath();
@d3ep4k d3ep4k changed the title Avoid false positive Avoid false positive vulnerability for file upload location May 22, 2020
richard937 added a commit that referenced this issue May 23, 2020
@richard937
solved issue #125
7f15d9c
d3ep4k added a commit that referenced this issue May 23, 2020
@d3ep4k
Merge pull request #126 from metamug/feature_false_positive
ddeea79 
solved issue #125
@d3ep4k d3ep4k closed this as completed May 23, 2020
@d3ep4k d3ep4k reopened this May 23, 2020
@d3ep4k
Copy link
Contributor Author

d3ep4k commented May 23, 2020

This issue is still reported by sonarqube.
https://sonarcloud.io/component_measures?id=metamug_mason&metric=security_rating&selected=metamug_mason%3Asrc%2Fmain%2Fjava%2Fcom%2Fmetamug%2Fmason%2Fservice%2FUploaderService.java&view=list

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@richard937 richard937

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@d3ep4k @richard937