Insecure Bean Validation
Severity: High

It is not advisable to pass user-controlled input to Bean Validation APIs, in particular as the message template given to `ConstraintValidatorContext.buildConstraintViolationWithTemplate()`: the template is interpolated, and when Expression Language (EL) evaluation is enabled an attacker-controlled template can lead to arbitrary Java code execution. To mitigate this issue, keep the template a constant string and hand user-supplied values to the validator only as message parameters, and add input validation and sanitization on top of that. This can be achieved by using libraries or frameworks that provide built-in sanitization functions, or by implementing custom validation logic specific to your application's needs.

Detector ID: kotlin/insecure-bean-validation@v1.0
Category: Common Weakness Enumeration (CWE)

Noncompliant example

import jakarta.servlet.http.HttpServletRequest
import jakarta.servlet.http.HttpServletResponse
import jakarta.validation.ConstraintValidatorContext

// Noncompliant: Controlling the content of the message template supplied to the
// `ConstraintValidatorContext.buildConstraintViolationWithTemplate()` parameter can
// result in arbitrary Java code execution. The request attribute is used verbatim as
// the template, so whoever controls that attribute controls what gets interpolated.
fun noncompliant(request: HttpServletRequest, response: HttpServletResponse, constraintContext: ConstraintValidatorContext) {
    val constraintViolation: String = request.getAttribute("constraintViolation").toString()
    constraintContext.buildConstraintViolationWithTemplate(constraintViolation)
        .addConstraintViolation()
        .disableDefaultConstraintViolation()
}

Compliant example

import jakarta.servlet.http.HttpServletRequest
import jakarta.servlet.http.HttpServletResponse
import jakarta.validation.ConstraintValidatorContext
import org.hibernate.validator.constraintvalidation.HibernateConstraintValidatorContext

// Compliant: the template is a constant string; the user-supplied value reaches the
// message only as a named message parameter via `addMessageParameter`, so it is
// substituted into the message rather than interpolated as part of the template.
fun compliant(request: HttpServletRequest, response: HttpServletResponse, constraintContext: ConstraintValidatorContext): Boolean {
    val context: HibernateConstraintValidatorContext = constraintContext.unwrap(HibernateConstraintValidatorContext::class.java)
    context.addMessageParameter("prop", request.getParameter("prop"))
    context.buildConstraintViolationWithTemplate("{prop} is invalid").addConstraintViolation()
    return false
}
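The two snippets above are fragments with servlet parameters. The following is an added example, not part of the detector documentation, that puts the compliant pattern into a complete custom constraint (`@SafeUsername`, `SafeUsernameValidator` and `SignupForm` are hypothetical names chosen here) and runs it through a standard `Validator`. It assumes the Jakarta Bean Validation API and Hibernate Validator (plus an EL implementation, which Hibernate Validator requires) are on the classpath; the sample inputs in `main` are constructed for illustration.

```kotlin
import jakarta.validation.Constraint
import jakarta.validation.ConstraintValidator
import jakarta.validation.ConstraintValidatorContext
import jakarta.validation.Payload
import jakarta.validation.Validation
import org.hibernate.validator.constraintvalidation.HibernateConstraintValidatorContext
import kotlin.reflect.KClass

// Hypothetical custom constraint: a username may only contain [A-Za-z0-9_] and be 3..16 chars.
@Target(AnnotationTarget.FIELD, AnnotationTarget.PROPERTY, AnnotationTarget.VALUE_PARAMETER)
@Retention(AnnotationRetention.RUNTIME)
@Constraint(validatedBy = [SafeUsernameValidator::class])
annotation class SafeUsername(
    val message: String = "invalid username",
    val groups: Array<KClass<*>> = [],
    val payload: Array<KClass<out Payload>> = []
)

class SafeUsernameValidator : ConstraintValidator<SafeUsername, String?> {
    private val allowed = Regex("^[A-Za-z0-9_]{3,16}$")

    override fun isValid(value: String?, context: ConstraintValidatorContext): Boolean {
        // Null is left to @NotNull; only non-null values are checked here.
        if (value == null || allowed.matches(value)) return true

        // Same pattern as the compliant example: constant template, user data as a
        // message parameter. The rejected value never becomes part of the template.
        val hctx = context.unwrap(HibernateConstraintValidatorContext::class.java)
        context.disableDefaultConstraintViolation()
        hctx.addMessageParameter("value", value)
        hctx.buildConstraintViolationWithTemplate("{value} is not a valid username")
            .addConstraintViolation()
        return false
    }
}

// Hypothetical bean carrying the constrained field.
data class SignupForm(@field:SafeUsername val username: String?)

fun main() {
    val validator = Validation.buildDefaultValidatorFactory().validator

    // Constructed sample inputs: one acceptable, one rejected.
    for (name in listOf("alice_01", "bad name!")) {
        val violations = validator.validate(SignupForm(name))
        if (violations.isEmpty()) {
            println("$name: ok")
        } else {
            violations.forEach { v -> println("$name: ${v.propertyPath} -> ${v.message}") }
        }
    }
}
```

Two points worth keeping in mind when applying this pattern: the template passed to `buildConstraintViolationWithTemplate` should always be a literal in your source, never assembled from request data; and on Hibernate Validator 6.2 and later, EL evaluation for templates built this way is off unless `enableExpressionLanguage()` is called explicitly on the builder, whereas older releases evaluate it by default, which is the behaviour the noncompliant example depends on. The detector flags the data flow regardless of version, since the safe shape is the same in both cases.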