Swift File Manager Path Traversal
Description
Detects path traversal vulnerabilities in Swift applications that use the Vapor framework together with Foundation's FileManager: a file path derived from user input (a route parameter, query value or request body field) is passed to a FileManager operation such as move, copy, delete, read or list without first being normalized and confined to the directory the application intends to expose. A value such as '../../etc/passwd', or an absolute path, then lets the caller operate on files outside that directory.
Detection Strategy
• Check whether Vapor and/or Foundation is imported in the source file
• Look for file operation method calls that take a file path argument (moveItem, copyItem, removeItem, createDirectory, contentsOfDirectory, contents, fileExists and similar)
• Verify the method is called on a FileManager instance, typically FileManager.default
• Examine whether the path arguments are built from user-controllable input (function parameters, request parameters, query values) without being normalized and then checked against an allowed base directory
• Report a vulnerability if the resulting path can escape the intended directory via '../' sequences, an absolute path or similar tricks
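The five steps above can be turned into a small taint-tracking rule. The following Python script is an added example written for this page, not Fluid Attacks' own scanner: it follows the steps line by line (import check, FileManager sink, user-controlled argument, normalization plus prefix check as the only thing that clears taint) over a few constructed Swift sources. The sink list, the Vapor accessors treated as sources (req.parameters, req.query, req.content) and the sample sources are assumptions made for the example.

```python
"""Heuristic detector for the FileManager path traversal pattern described on this page.
Added example (not Fluid Attacks' scanner): a line-oriented, intra-procedural taint check
that follows the five detection steps above. Regex based, so a triage aid, not a parser."""
import re
from collections import namedtuple

Finding = namedtuple("Finding", "line function method args")
# FileManager methods that take a path argument (subset chosen for this example).
FILE_SINKS = "moveItem|copyItem|removeItem|createDirectory|contentsOfDirectory|contents|fileExists"
SINK_RE = re.compile(r"\bFileManager\.default\.(" + FILE_SINKS + r")\s*\((.*?)\)")
FUNC_RE = re.compile(r"\bfunc\s+(\w+)\s*\(([^)]*)\)")
ASSIGN_RE = re.compile(r"\b(?:let|var)\s+(\w+)\s*(?::\s*[^=]+)?=\s*(.+)")
GUARD_RE = re.compile(r"\bguard\b.*?\b(\w+)\.hasPrefix\(")
# Normalization alone does not contain a path; it only makes a later prefix check meaningful.
NORMALIZER_RE = re.compile(r"\.(standardizedFileURL|standardizingPath|resolvingSymlinksInPath)\b")
USER_SOURCE_RE = re.compile(r"\breq\.(?:parameters|query|content)\b")  # Vapor request accessors
IDENT_RE = re.compile(r"[A-Za-z_]\w*")

def _param_names(param_list: str) -> set[str]:
    """Internal parameter names: 'userPath: String, _ p: Int' -> {'userPath', 'p'}."""
    names = set()
    for part in param_list.split(","):
        head = part.split(":")[0].strip()
        if head:
            names.add(head.split()[-1])
    return names

def _mentions(expr: str, names: set[str]) -> bool:
    return any(tok in names for tok in IDENT_RE.findall(expr))

def detect(source: str) -> list[Finding]:
    """Report FileManager calls whose path argument derives from untrusted input."""
    # Step 1: the rule only applies to files that import Foundation or Vapor.
    if not re.search(r"^\s*import\s+(?:Foundation|Vapor)\b", source, re.M):
        return []
    findings: list[Finding] = []
    function, tainted, normalized = "<top-level>", set(), set()
    for lineno, raw in enumerate(source.splitlines(), start=1):
        line = raw.split("//")[0].strip()  # naive comment strip; also cuts "//" inside literals
        if not line:
            continue
        if m := FUNC_RE.search(line):
            # New scope: every parameter is treated as attacker controlled.
            function, tainted, normalized = m.group(1), _param_names(m.group(2)), set()
            continue
        if (m := GUARD_RE.search(line)) and m.group(1) in normalized:
            tainted.discard(m.group(1))  # prefix check on a normalized path is containment
            continue
        # Steps 2-3: a path-taking method called on FileManager.
        if m := SINK_RE.search(line):
            method, args = m.groups()
            # Steps 4-5: the argument is user controlled and was never contained.
            if USER_SOURCE_RE.search(args) or _mentions(args, tainted):
                findings.append(Finding(lineno, function, method, args.strip()))
        if m := ASSIGN_RE.search(line):
            name, rhs = m.groups()
            if NORMALIZER_RE.search(rhs):
                normalized.add(name)
            if ".lastPathComponent" in rhs:
                tainted.discard(name)  # basename only: cannot traverse directories
            elif USER_SOURCE_RE.search(rhs) or _mentions(rhs, tainted):
                tainted.add(name)  # taint flows through the assignment
            else:
                tainted.discard(name)
    return findings

# Constructed Swift samples: the page's two functions, a Vapor handler, and a
# function that normalizes the path but never checks the prefix.
VULNERABLE_SWIFT = """import Foundation
func unsafeFileOperation(userPath: String) throws -> String {
    let source = userPath // unsanitized user input
    let destination = "/tmp/destination"
    try FileManager.default.moveItem(atPath: source, toPath: destination)
    return destination
}"""
SAFE_SWIFT = """import Foundation
func safeFileOperation(userPath: String) throws -> String {
    let baseDirectory = "/tmp/"
    let fullSourcePath = URL(fileURLWithPath: baseDirectory).appendingPathComponent(userPath).standardizedFileURL.path
    guard fullSourcePath.hasPrefix(baseDirectory) else { throw CocoaError(.fileReadNoPermission) }
    try FileManager.default.moveItem(atPath: fullSourcePath, toPath: "/tmp/destination")
    return fullSourcePath
}"""
VAPOR_SWIFT = """import Vapor
func download(req: Request) throws -> Response {
    let name = req.parameters.get("file") ?? ""
    guard let data = FileManager.default.contents(atPath: "/srv/files/" + name) else { throw Abort(.notFound) }
    return Response(body: .init(data: data))
}"""
UNCHECKED_SWIFT = """import Foundation
func normalizedOnly(userPath: String) throws {
    let full = URL(fileURLWithPath: "/tmp/").appendingPathComponent(userPath).standardizedFileURL.path
    try FileManager.default.removeItem(atPath: full)
}"""

if __name__ == "__main__":
    for src in (VULNERABLE_SWIFT, SAFE_SWIFT, VAPOR_SWIFT, UNCHECKED_SWIFT):
        print(detect(src))
```

Running the script flags the vulnerable function, the Vapor handler and the normalized-but-unchecked function, and reports nothing for the contained version. Two design points matter: a hasPrefix check only clears taint when the variable was normalized first, because '/tmp/../etc/passwd' passes a naive prefix test; and normalization without a prefix check is still reported, because standardizing a path that already escaped just yields a clean path outside the base directory.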
Vulnerable code example

    import Foundation

    func unsafeFileOperation(userPath: String) throws -> String {
        let source = userPath // Vulnerable: Uses unsanitized user input directly in file operations
        let destination = "/tmp/destination"
        // A value such as "../../etc/passwd" or "/etc/passwd" reaches the file system unchanged
        try FileManager.default.moveItem(atPath: source, toPath: destination)
        return destination
    }

✅ Secure code example
    import Foundation

    func safeFileOperation(userPath: String) throws -> String {
        // Define allowed base directory to contain file operations
        let baseDirectory = "/tmp/"
        // Build and normalize full path to resolve ".." and other path tricks
        let fullSourcePath = URL(fileURLWithPath: baseDirectory).appendingPathComponent(userPath).standardizedFileURL.path
        // Reject anything that escaped the base directory; normalization alone is not containment
        guard fullSourcePath.hasPrefix(baseDirectory) else { throw CocoaError(.fileReadNoPermission) }
        let destination = "/tmp/destination"
        try FileManager.default.moveItem(atPath: fullSourcePath, toPath: destination)
        return destination
    }

Note that standardizedFileURL removes "." and ".." components lexically and does not follow symbolic links, so a symlink inside the base directory can still point outside it. If the base directory may contain symlinks, resolve both the base and the candidate path with resolvingSymlinksInPath() before comparing them, and compare against the resolved base (on macOS, for example, /tmp itself resolves to /private/tmp).