
Kotlin Path Traversal Unsanitized Input

Description

Detects path traversal in Kotlin applications where a file path built from unsanitized request input is read and its contents are returned through a respondText call. An attacker who controls the path parameter can read files outside the intended directory, for example by inserting "../" sequences to climb out of the base directory, because the file name is joined to the base directory and read with no check that the resolved location still lies inside it.

Weakness:

063 - Lack of data validation - Path Traversal

Category: Unexpected Injection

Detection Strategy

    Identifies function calls to 'respondText' in Kotlin code

    Examines the arguments passed to respondText to check if they contain unsanitized file path parameters

    Reports a vulnerability when respondText is called with file paths that aren't properly validated or sanitized against directory traversal attempts

Vulnerable code example

import io.ktor.server.application.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
import java.io.File

fun main() {
    val baseDir = File("/app/data")
    ...

✅ Secure code example

import io.ktor.server.application.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
import io.ktor.http.HttpStatusCode
import java.io.File

fun main() {
    val baseDir = File("/app/data").canonicalFile // Resolve base directory once...
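The following complete Ktor handler is an added example, not code from the page's own rule or from any project it describes. It places the vulnerable pattern beside the hardened one in a single runnable server so the difference the detection strategy looks for is visible: the `/unsafe` route reads whatever `?path=` resolves to and hands it to respondText, while `/safe` first canonicalizes the target and refuses anything outside the base directory. The Ktor 2 API with the Netty engine, the `/app/data` base directory, the route names and the `resolveInside` helper are all assumptions made for the example.

```kotlin
import io.ktor.http.HttpStatusCode
import io.ktor.server.application.*
import io.ktor.server.engine.*
import io.ktor.server.netty.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
import java.io.File

// Hypothetical helper for this example: join `requested` to `baseDir` and
// return the resulting file only if its canonical path (symlinks resolved,
// "." and ".." collapsed) is still inside the canonical base directory.
fun resolveInside(baseDir: File, requested: String): File? {
    val base = baseDir.canonicalFile
    val target = File(base, requested).canonicalFile
    // Path.startsWith compares whole path components, so "/app/data2" is not
    // accepted as being inside "/app/data" the way a String prefix check would.
    return if (target.toPath().startsWith(base.toPath())) target else null
}

fun main() {
    val baseDir = File("/app/data") // assumed location of the served files

    embeddedServer(Netty, port = 8080) {
        routing {
            // Vulnerable: the query parameter is joined to the base directory and
            // read with no validation, so ?path=../../etc/passwd walks out of
            // /app/data and the file contents are sent back by respondText.
            get("/unsafe") {
                val path = call.request.queryParameters["path"] ?: ""
                call.respondText(File(baseDir, path).readText())
            }

            // Hardened: reject any request whose canonical target leaves baseDir,
            // and only serve regular files (not directories or special files).
            get("/safe") {
                val path = call.request.queryParameters["path"] ?: ""
                val file = resolveInside(baseDir, path)
                when {
                    file == null -> call.respond(HttpStatusCode.Forbidden)
                    !file.isFile -> call.respond(HttpStatusCode.NotFound)
                    else -> call.respondText(file.readText())
                }
            }
        }
    }.start(wait = true)
}
```

With the server running, `curl 'http://localhost:8080/unsafe?path=../../etc/passwd'` returns the contents of /etc/passwd if the process can read it, whereas the same path against `/safe` yields 403 because `/etc/passwd` does not start with the `/app/data` component sequence. The check is done on the canonical path rather than on the raw string so that encoded or mixed separators, `..` segments and symlinks planted inside the base directory are all resolved before the comparison; rejecting the literal substring `..` alone would miss a symlink that points outside the directory.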