@remus-iesan-natterbox remus-iesan-natterbox commented Sep 16, 2025

This pull request addresses BAU-28227 by introducing several security hardening measures to mitigate path traversal and related vulnerabilities in the Codeception codebase. The following core changes were made:

Summary of Changes

  1. Path Validation and Sanitization

    • Added strict validation and realpath checks for output, log, and database file paths to ensure they remain within the project directory.
    • Introduced helper methods (sanitizePath, sanitizeFilename, etc.) to centralize path validation across modules.
  2. Directory and File Handling Improvements

    • Updated logic for creating and writing to directories and files to use safe, validated paths.
    • Ensured that directory creation, permission checks, and file operations throw exceptions when invalid or insecure paths are detected.
  3. Module Updates

    • Filesystem Module: Enhanced file and directory access methods with path sanitization, preventing access outside the project directory.
    • Sqlite Driver: File operations (cleanup, snapshot, load) now strictly use sanitized filenames within the allowed scope.
    • Configuration: Output and log directories are validated, and any detected path traversal results in a configuration exception.

List of Modified Files

  • src/Codeception/Command/GenerateScenarios.php: Added realpath validation for scenario output paths.
  • src/Codeception/Configuration.php: Hardened output/log directory path handling; added project directory checks.
  • src/Codeception/Lib/Driver/Sqlite.php: Updated file operations to ensure database files remain within the project directory.
  • src/Codeception/Module/Filesystem.php: Introduced and utilized sanitizePath for all filesystem operations.
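The containment check described above, as an added example that is not Codeception's own code: `sanitizePath()` and `PathTraversalException` are assumed names, POSIX paths are assumed, and it handles the two cases a bare `realpath()` comparison misses (a target that does not exist yet, and a sibling directory whose name merely starts with the project path).

```php
<?php
// Added example, not Codeception's code. Assumed names: sanitizePath(),
// PathTraversalException. POSIX paths assumed.
declare(strict_types=1);

final class PathTraversalException extends RuntimeException {}

// Resolve $path and verify it stays inside $baseDir. Covers two cases realpath()
// alone gets wrong: a target that does not exist yet (realpath() returns false),
// and prefix collisions such as /srv/app-evil being accepted for base /srv/app.
function sanitizePath(string $baseDir, string $path): string
{
    $base = realpath($baseDir);
    if ($base === false) {
        throw new PathTraversalException("Base directory does not exist: $baseDir");
    }
    if (str_contains($path, "\0")) {
        throw new PathTraversalException('Null byte in path');
    }
    // Relative paths are interpreted against the project directory.
    $candidate = str_starts_with($path, '/') ? $path : "$base/$path";
    $resolved = realpath($candidate);
    if ($resolved === false) {
        // Not-yet-created target: resolve the parent (which must exist),
        // then re-attach the final component.
        $parent = realpath(dirname($candidate));
        $leaf = basename($candidate);
        if ($parent === false || $leaf === '..' || $leaf === '.' || $leaf === '') {
            throw new PathTraversalException("Cannot resolve path: $path");
        }
        $resolved = "$parent/$leaf";
    }
    // Compare against base plus separator so /srv/app-evil is rejected for /srv/app.
    if ($resolved !== $base && !str_starts_with($resolved, "$base/")) {
        throw new PathTraversalException("Path escapes project directory: $path");
    }
    return $resolved;
}

// Constructed demo: a temporary project directory with one output subdirectory.
$project = sys_get_temp_dir() . '/ct-demo-' . bin2hex(random_bytes(4));
mkdir("$project/tests/_output", 0700, true);
foreach (['tests/_output/report.html', '../../etc/passwd', 'tests/_output/../../../x'] as $p) {
    try {
        echo "OK   $p => " . sanitizePath($project, $p) . PHP_EOL;
    } catch (PathTraversalException $e) {
        echo "DENY $p => " . $e->getMessage() . PHP_EOL;
    }
}
```

The first path is accepted even though the file does not exist yet; the other two are rejected because they resolve outside the project directory.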

Iesan Remus and others added 2 commits September 15, 2025 15:33

natterbox-integration commented Sep 16, 2025

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. No issues have been found. (View Details)

code/snyk check is complete. No issues have been found. (View Details)

@orca-security-eu orca-security-eu bot left a comment

Orca Security Scan Summary

Status   Check                    Issues by priority
Passed   Infrastructure as Code   high 0, medium 0, low 0, info 0
Passed   SAST                     high 0, medium 0, low 0, info 0
Passed   Secrets                  high 0, medium 0, low 0, info 0
Passed   Vulnerabilities          high 0, medium 0, low 0, info 0
