From c572020e243174fe8aa40631f90cbffde4a4eb1e Mon Sep 17 00:00:00 2001
From: Jonathan Leitschuh
Date: Sat, 19 Nov 2022 21:26:19 +0000
Subject: [PATCH] vuln-fix: Temporary File Information Disclosure
This fixes temporary file information disclosure vulnerability due to the use of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by using the `Files.createTempFile()` method which sets the correct posix permissions.
Weakness: CWE-377: Insecure Temporary File
Severity: Medium
CVSSS: 5.5
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation)
Reported-by: Jonathan Leitschuh
Signed-off-by: Jonathan Leitschuh
Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/18
Co-authored-by: Moderne
---
 .../org/jenkinsci/plugins/gogs/GogsWebHookTest.java | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/test/java/org/jenkinsci/plugins/gogs/GogsWebHookTest.java b/src/test/java/org/jenkinsci/plugins/gogs/GogsWebHookTest.java
index 7ece9ff..83c164c 100644
--- a/src/test/java/org/jenkinsci/plugins/gogs/GogsWebHookTest.java
+++ b/src/test/java/org/jenkinsci/plugins/gogs/GogsWebHookTest.java
@@ -11,6 +11,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.PrintWriter;
+import java.nio.file.Files;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
@@ -78,7 +79,7 @@ public void callDoIndexWithNullResponseMessageMustThrowException() throws IOExce
 @Test
 public void whenEmptyHeaderTypeMustReturnError() throws Exception {
 //Prepare the SUT
- File uniqueFile = File.createTempFile("webHookTest_", ".txt", new File("target"));
+ File uniqueFile = Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile();
 StaplerRequest staplerRequest = Mockito.mock(RequestImpl.class);
 StaplerResponse staplerResponse = Mockito.mock(ResponseImpl.class);
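Review bot: The added `Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile()` line is repeated verbatim in six test methods of this file, so the secure-creation logic now lives in six places and any later tweak (different directory, extra attributes, cleanup) has to be made six times. A single private helper keeps it in one spot, e.g. `private static File newWebHookTempFile() throws IOException { return Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile(); }`, with each test reduced to `File uniqueFile = newWebHookTempFile();`. The helper is also the natural place for a caveat a reader will want: the 0600 mode that makes `Files.createTempFile` the safer choice is only applied on POSIX file systems; on Windows the file gets the default ACL of `target/`. The body of `whenEmptyHeaderTypeMustReturnError` continues past the end of this hunk.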
@@ -98,7 +99,7 @@ public void whenEmptyHeaderTypeMustReturnError() throws Exception {
 @Test
 public void whenWrongHeaderTypeMustReturnError() throws Exception {
 //Prepare the SUT
- File uniqueFile = File.createTempFile("webHookTest_", ".txt", new File("target"));
+ File uniqueFile = Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile();
 StaplerRequest staplerRequest = Mockito.mock(RequestImpl.class);
 StaplerResponse staplerResponse = Mockito.mock(ResponseImpl.class);
@@ -142,7 +143,7 @@ public void whenQueryStringIsNullMustThrowException() throws Exception {
 @Test
 public void whenNoJobInQueryStringMustReturnError() throws Exception {
 //Prepare the SUT
- File uniqueFile = File.createTempFile("webHookTest_", ".txt", new File("target"));
+ File uniqueFile = Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile();
 StaplerRequest staplerRequest = Mockito.mock(RequestImpl.class);
 StaplerResponse staplerResponse = Mockito.mock(ResponseImpl.class);
@@ -164,7 +165,7 @@ public void whenNoJobInQueryStringMustReturnError() throws Exception {
 @Test
 public void whenEmptyJobInQueryStringMustReturnError() throws Exception {
 //Prepare the SUT
- File uniqueFile = File.createTempFile("webHookTest_", ".txt", new File("target"));
+ File uniqueFile = Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile();
 StaplerRequest staplerRequest = Mockito.mock(RequestImpl.class);
 StaplerResponse staplerResponse = Mockito.mock(ResponseImpl.class);
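Review bot: None of the three hunks here pair the new temp file with its removal; whether `uniqueFile` is deleted further down each test is outside the hunk, but if it is not, every run leaves another `webHookTest_*.txt` under `target/`, and whatever payload the test later writes into it outlives the test. The restrictive mode from `Files.createTempFile` limits who can read that leftover, which is the point of this change, but deleting it is the complement: `uniqueFile.deleteOnExit();` immediately after the added line is the minimal fix, and `Files.deleteIfExists(uniqueFile.toPath())` in a `finally` or an `@After` method is the tidier one. If the project already has a temporary-folder rule in its JUnit setup, creating the file there would give both the permissions and the cleanup for free. Each of the three test bodies continues past its hunk.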
@@ -186,7 +187,7 @@ public void whenEmptyJobInQueryStringMustReturnError() throws Exception {
 @Test
 public void whenEmptyJob2InQueryStringMustReturnError() throws Exception {
 //Prepare the SUT
- File uniqueFile = File.createTempFile("webHookTest_", ".txt", new File("target"));
+ File uniqueFile = Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile();
 StaplerRequest staplerRequest = Mockito.mock(RequestImpl.class);
 StaplerResponse staplerResponse = Mockito.mock(ResponseImpl.class);
@@ -208,7 +209,7 @@ public void whenEmptyJob2InQueryStringMustReturnError() throws Exception {
 @Test
 public void whenUriDoesNotContainUrlNameMustReturnError() throws Exception {
 //Prepare the SUT
- File uniqueFile = File.createTempFile("webHookTest_", ".txt", new File("target"));
+ File uniqueFile = Files.createTempFile(new File("target").toPath(), "webHookTest_", ".txt").toFile();
 StaplerRequest staplerRequest = Mockito.mock(RequestImpl.class);
 StaplerResponse staplerResponse = Mockito.mock(ResponseImpl.class);
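Review bot: `new File("target").toPath()` on the added lines is resolved against the JVM's working directory, and `Files.createTempFile` throws `NoSuchFileException` when that directory is absent, so these tests silently depend on being launched from the module root where the build output directory exists (the old `File.createTempFile` had the same dependency, only with a plainer `IOException`). That precondition is worth stating next to the call, e.g. `// relies on CWD being the module root so that target/ exists; NoSuchFileException otherwise`. Since the test methods declare `throws Exception`, the changed exception type does not alter what callers catch. The bodies of `whenEmptyJob2InQueryStringMustReturnError` and `whenUriDoesNotContainUrlNameMustReturnError` continue beyond their hunks.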