/*==================================================================================================
                Copyright (c) 2020 Siemens Product Lifecycle Management Software Inc.
====================================================================================================
Filename: Sanitizer.hxx

File description:
    Declares Teamcenter::Sanitizer, a set of static helpers that validate user-supplied strings
    before they are used in an external command or in a file path. Each helper returns a string
    on success and is documented to throw SanitizationException when the input is rejected.
==================================================================================================*/

#ifndef TEAMCENTER_SANITIZER_HXX
#define TEAMCENTER_SANITIZER_HXX

// NOTE(review): the header names of the three includes below are missing from this copy of the
// file. The declarations use std::string, std::vector and the SANITIZER_API macro, so the
// includes presumably provide those -- confirm against the original header.
#include
#include
#include

namespace Teamcenter
{
    class Sanitizer;
}

/**
 * Input-validation helpers for command execution and file path handling.
 *
 * All public members are static. A normal return means the input passed the check; rejection is
 * reported through SanitizationException (declared outside this header), so callers should not
 * expect an empty-string or error-code result.
 */
class SANITIZER_API Teamcenter::Sanitizer
{
public:
    /**
     * Sanitize a user input string before including it in a command to be executed in another process or shell
     * (e.g., with Runtime.exec()). The method is intended to detect and prevent command injection attacks. It checks
     * whether the input string contains shell control characters or OS commands that might be signs of command
     * injection.
     *
     * NOTE(review): the Runtime.exec() example is a Java API; the wording was presumably carried over from a Java
     * counterpart of this class.
     *
     * NOTE(review): as described, this is a pattern check for known-bad content. The implementation is not visible
     * in this header, so treat a successful return as "no rejected pattern was found" rather than as proof that the
     * string is safe in every shell or quoting context. Where the caller controls process creation, passing the
     * value as a separate argument instead of through a shell command line is the stronger control.
     *
     * @param theInput the user input string to be sanitized.
     * @return the input string if the string is judged to be safe for command execution.
     * @throws SanitizationException if the string is judged unsafe for command execution.
     * @published
     */
    static std::string sanitizeCommand(const std::string& theInput);

    /**
     * Sanitize a user input string before it is included in a file path to be opened for read or write. The method
     * is intended to detect and prevent file path traversal attacks. It checks that the input string is a relative
     * path and does not contain character sequences such as "../.." that can traverse out of a base directory. For
     * stronger validation that handles symbolic links, or if an absolute path is to be sanitized, the
     * sanitizePathWithWhiteList method is recommended instead.
     *
     * Callers should build the file path from the returned (normalized) string, not from theInput.
     *
     * NOTE(review): per the description above, symbolic links are not covered by this method, so a relative path
     * that passes can still resolve outside the base directory if a link exists inside it.
     *
     * @param theInput the user input string to be sanitized.
     * @return the normalized version of the input string if it is judged to be free of path traversal attacks.
     * @throws SanitizationException if the string is suspected of being a path traversal attack or is an untrusted
     *         absolute path.
     * @published
     */
    static std::string sanitizePath(const std::string& theInput);

    /**
     * Sanitize a user input string before it is included in a file path to be opened for read or write. The method
     * is intended to detect and prevent file path traversal attacks. It checks that the input string denotes a file
     * that is either in the whitelist or is within a directory in the whitelist. If validExtensions is provided, the
     * file must also have an extension that is in the list. Unlike sanitizePath, the input to be sanitized is allowed
     * to be an absolute path.
     *
     * NOTE(review): whiteList and validExtensions are taken by non-const reference; whether the method modifies them
     * is not visible in this header -- TODO confirm. How "validExtensions not provided" is expressed (presumably an
     * empty vector) should also be confirmed against the implementation.
     *
     * NOTE(review): ignoreCase defaults to true. On a case-sensitive file system a case-insensitive comparison can
     * accept a path that differs from the whitelisted entry only by case yet names a different file or directory;
     * callers on such systems should consider passing false.
     *
     * @param whiteList the list of permitted files and directories that theInput must match or be located within.
     * @param validExtensions the list of permitted file extensions for theInput.
     * @param theInput the user input string to be sanitized.
     * @param ignoreCase perform case-insensitive comparisons of theInput against the whiteList and validExtensions
     *        values; enabled by default.
     * @return the input string if the string is judged to be free of path/file attacks.
     * @throws SanitizationException if the string is judged unsafe (presumably when it fails the whitelist or
     *         extension check).
     * @published
     */
    static std::string sanitizePathWithWhiteList(std::vector< std::string >& whiteList,
                                                 std::vector< std::string >& validExtensions,
                                                 const std::string& theInput,
                                                 bool ignoreCase = true);

private:
    // Defined in the implementation file; presumably the delimiter characters used when scanning
    // input -- confirm against the definition.
    static std::string m_delimiters;

    // Presumably the number of entries in m_invalidStringList2 -- confirm the two stay in sync
    // whenever the list is edited.
    static const int m_numInvalidStrings = 20;

    // Array of unspecified bound, defined in the implementation file; by its name, the strings
    // treated as invalid by the checks above -- TODO confirm which methods consult it.
    static std::string m_invalidStringList2[];
};

// NOTE(review): the header name of this trailing include is also missing from this copy of the file.
#include

#endif