From 7007342af07d9db30ee3b60dc84ca379ba9483e2 Mon Sep 17 00:00:00 2001
From: Jonathan Leitschuh
Date: Tue, 4 Oct 2022 00:16:14 +0000
Subject: [PATCH] vuln-fix: Temporary Directory Hijacking or Information Disclosure

This fixes either Temporary Directory Hijacking, or Temporary Directory Local Information Disclosure.

Weakness: CWE-379: Creation of Temporary File in Directory with Insecure Permissions
Severity: High
CVSSS: 7.3
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.UseFilesCreateTempDirectory)

Reported-by: Jonathan Leitschuh
Signed-off-by: Jonathan Leitschuh

Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/10
Co-authored-by: Moderne
---
 .../commons/util/EnterpriseEntityResolverTest.java | 5 ++---
 .../org/apache/oodt/commons/util/UtilityTest.java | 14 +++++---------
 .../apache/oodt/cas/metadata/MetadataTestCase.java | 7 ++-----
 3 files changed, 9 insertions(+), 17 deletions(-)

diff --git a/commons/src/test/java/org/apache/oodt/commons/util/EnterpriseEntityResolverTest.java b/commons/src/test/java/org/apache/oodt/commons/util/EnterpriseEntityResolverTest.java
index 950fdcfc4..06989f99b 100644
--- a/commons/src/test/java/org/apache/oodt/commons/util/EnterpriseEntityResolverTest.java
+++ b/commons/src/test/java/org/apache/oodt/commons/util/EnterpriseEntityResolverTest.java
@@ -16,6 +16,7 @@ package org.apache.oodt.commons.util;
 import java.io.File;
+import java.nio.file.Files;
 import java.util.Collections;
 import java.util.List;
 import junit.framework.TestCase;
@@ -41,9 +42,7 @@ public EnterpriseEntityResolverTest(String name) {
 */
 public void setUp() throws Exception {
 super.setUp();
- testDir = File.createTempFile("eet", ".dir");
- testDir.delete();
- testDir.mkdir();
+ testDir = Files.createTempDirectory("eet" + ".dir").toFile();
 testFile = new File(testDir, "test-entry-do-not-remove.dtd");
 if (!testFile.createNewFile()) throw new Exception(testFile + " already exists, but shouldn't");
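Review bot: The `"eet" + ".dir"` argument on the added `Files.createTempDirectory` line is a leftover of the mechanical rewrite: `createTempDirectory` takes only a prefix, so the old suffix is now folded into the prefix and the directory ends up named like `eet.dir1234567890` (constructed example) rather than `eet1234567890.dir`. A single literal, `testDir = Files.createTempDirectory("eet.dir").toFile();` or just `"eet"`, reads better than a constant-folded concatenation; the same `prefix + suffix` pattern appears in the UtilityTest and MetadataTestCase hunks. Since the new call replaces a create-delete-mkdir sequence whose window and umask-derived permissions are the whole reason for the change, a short why-comment such as `// created atomically by nio, with owner-only permissions where the file system supports them` would spare the next reader a trip to the commit log. setUp's closing brace is outside the hunk.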
diff --git a/commons/src/test/java/org/apache/oodt/commons/util/UtilityTest.java b/commons/src/test/java/org/apache/oodt/commons/util/UtilityTest.java
index ec1aa4793..6cdc08f75 100644
--- a/commons/src/test/java/org/apache/oodt/commons/util/UtilityTest.java
+++ b/commons/src/test/java/org/apache/oodt/commons/util/UtilityTest.java
@@ -17,6 +17,8 @@ import java.io.File;
 import java.io.IOException;
+import java.nio.file.Files;
+
 import junit.framework.TestCase;
 public class UtilityTest extends TestCase {
@@ -25,18 +27,12 @@ public UtilityTest(String caseName) {
 }
 public void testDelete() throws IOException {
- File top = File.createTempFile("topdir", ".dir");
- top.delete();
- top.mkdir();
+ File top = Files.createTempDirectory("topdir" + ".dir").toFile();
 File f1 = File.createTempFile("nesteddir", ".file", top);
 File f2 = File.createTempFile("nesteddir", ".file", top);
- File d1 = File.createTempFile("nesteddir", ".dir", top);
- d1.delete();
- d1.mkdir();
+ File d1 = Files.createTempDirectory(top.toPath(), "nesteddir" + ".dir").toFile();
 File f3 = File.createTempFile("nesteddir", ".file", d1);
- File d2 = File.createTempFile("nesteddir", ".dir", d1);
- d2.delete();
- d2.mkdir();
+ File d2 = Files.createTempDirectory(d1.toPath(), "nesteddir" + ".dir").toFile();
 File f4 = File.createTempFile("nesteddir", ".file", d2);
 assertTrue(Utility.delete(top));
diff --git a/metadata/src/test/java/org/apache/oodt/cas/metadata/MetadataTestCase.java b/metadata/src/test/java/org/apache/oodt/cas/metadata/MetadataTestCase.java
index 792a250f4..eead58443 100644
--- a/metadata/src/test/java/org/apache/oodt/cas/metadata/MetadataTestCase.java
+++ b/metadata/src/test/java/org/apache/oodt/cas/metadata/MetadataTestCase.java
@@ -23,6 +23,7 @@ import java.io.File;
 import java.io.FileOutputStream;
 import java.io.InputStream;
+import java.nio.file.Files;
 import java.io.IOException;
 // Junit Testing framework
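Review bot: In testDelete the three directories now come from `Files.createTempDirectory` while `f1`–`f4` are still created with `File.createTempFile`, whose permissions follow the process umask rather than being restricted to the owner (the `Files.createTempFile` javadoc notes it may be more restrictive than the legacy method); inside an owner-only `top` this cannot matter for the test, but mixing the two APIs hides that. `File f1 = Files.createTempFile(top.toPath(), "nesteddir", ".file").toFile();` (and likewise for `f2`–`f4`) keeps the suffix as the old code spelled it and makes the fixture uniformly nio. The `top.toPath()` / `d1.toPath()` round trips would also disappear if the directories were held as `Path` until the final `Utility.delete(top)` call, assuming that method is what requires a `File`; its signature is outside this hunk.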
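Review bot: The added `import java.nio.file.Files;` in MetadataTestCase lands between `java.io.InputStream` and `java.io.IOException`, splitting the `java.io` group. Move it after `import java.io.IOException;`, or into its own `java.nio` group as the UtilityTest hunk does, so the imports stay sorted.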
@@ -51,11 +52,7 @@ public MetadataTestCase(String name) {
 */
 public void setUp() throws Exception {
 super.setUp();
 // Set up the framework test harness
- tmpDir = File.createTempFile("metadata", ".tests"); // Get a temporary file
- if (!tmpDir.delete()) // File?! We don't want no stinkin' file
- throw new IOException("Cannot delete temporary file " + tmpDir);
- if (!tmpDir.mkdirs()) // Directory is what we want
- throw new IOException("Cannot create temporary directory " + tmpDir);
+ tmpDir = Files.createTempDirectory("metadata" + ".tests").toFile();
 //tmpDir.deleteOnExit();
 }
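Review bot: The commented-out `//tmpDir.deleteOnExit();` survives next to the new `Files.createTempDirectory` line, and it was never a viable cleanup anyway: `File.deleteOnExit` only removes an empty directory at shutdown, so a populated test directory would be left behind. Delete the dead line, and if there is no `tearDown` that removes `tmpDir` (none is visible in this hunk), either add one or record the intent with `// tmpDir is removed in tearDown`. The explanatory comments dropped with the old five lines are not missed, since `createTempDirectory` already throws `IOException` on failure instead of relying on the checked return values the old code inspected.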