Only Filtering Special Elements at an Absolute Position
This vulnerability occurs when software checks for dangerous characters or patterns only at a fixed, hardcoded location in input data. Because it ignores these same elements if they appear anywhere else, attackers can bypass the filter by simply moving the malicious content to a different position.
Imagine a filter that only removes a semicolon if it's exactly the 10th character, believing this will prevent SQL injection. An attacker can easily bypass this by adding a few harmless characters at the start, moving the malicious semicolon to the 11th position. The filter sees nothing wrong at its one checked spot and lets the tainted data pass through, leading to a successful attack. This flaw stems from a misunderstanding of input validation. Effective security requires checking all input comprehensively, not just sampling a single location. Developers should use allowlists or context-aware encoding that processes the entire data stream, ensuring dangerous elements are neutralized no matter where they appear.
Impact: Unexpected State
ID : DX-4
The following code takes untrusted input and uses a substring function to filter a 3-character "../" element located at the 0-index position of the input string. It then appends this result to the /home/user/ directory and attempts to read the file in the final resulting path.Code Example:
perlCode Example:
bashCode Example:
bashCode Example:
bash