KEMBAR78
Fix for Insecure Temporary File Creation by simei2k · Pull Request #68 · robo-code/robocode · GitHub
Skip to content

Fix for Insecure Temporary File Creation #68

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 13, 2025
Merged

Fix for Insecure Temporary File Creation #68

merged 2 commits into from
May 13, 2025

Conversation

@simei2k
Copy link
Contributor

@simei2k simei2k commented May 10, 2025

The current implementation of createTempFile() has a security vulnerability related to privilege management. File operations should run with controlled privileges using Java's AccessController.doPrivileged() pattern to prevent security manager bypass or privilege escalation.

This vulnerability was identified in eclipse-ee4j/jersey@5794b7a and fixed.

References:

  1. eclipse-ee4j/jersey@5794b7a
  2. https://nvd.nist.gov/vuln/detail/cve-2022-21540

@simei2k
Fix for Insecure Temporary File Creation
964b10f 
The current implementation of createTempFile() has a security vulnerability related to privilege management. File operations should run with controlled privileges using Java's AccessController.doPrivileged() pattern to prevent security manager bypass or privilege escalation.

This vulnerability was identified in eclipse-ee4j/jersey@5794b7a and fixed.

References:
1.  eclipse-ee4j/jersey@5794b7a
2. https://nvd.nist.gov/vuln/detail/cve-2022-21540
@flemming-n-larsen flemming-n-larsen self-assigned this May 13, 2025
@flemming-n-larsen
Copy link
Member

Thank you for both identifying the vulnerability in Robocode, and also provide a PR for fixing it. ❤️

I will study the CVE and fix, and probably merge the PR as-is, unless it needs some extra consideration.

@flemming-n-larsen
Added missing imports for RecordManager, formatted the createTempFile…
1638298 
…, and improvements to fix for createTempFile()
@flemming-n-larsen flemming-n-larsen self-requested a review May 13, 2025 19:48
flemming-n-larsen
flemming-n-larsen approved these changes May 13, 2025
View reviewed changes
Copy link
Member

@flemming-n-larsen flemming-n-larsen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The RecordManager.createTempFile() did indeed lack a AccessController.doPrivileged() check. 👍

I improved your PR by:

  • Formatting your changes
  • Added missing imports
  • Using a lambda expression for the doPrivileged()
  • Removed the list of IOExceptions, as we only encounter a single exception, if deleting the fille fails.

I will merge your changes. Thanks for the fix!

@flemming-n-larsen flemming-n-larsen merged commit 9f882bb into robo-code:main May 13, 2025
flemming-n-larsen added a commit that referenced this pull request May 13, 2025
@flemming-n-larsen
Updated versions.md regarding fix for #68
c9908af
@simei2k
Copy link
Contributor Author

simei2k commented May 25, 2025

@flemming-n-larsen thanks for merging the PR! My team and I will be submitting this as a CVE, do let us know if you have any concerns!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@flemming-n-larsen flemming-n-larsen flemming-n-larsen approved these changes

Assignees

@flemming-n-larsen flemming-n-larsen

Labels

bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@simei2k @flemming-n-larsen