Struts: Form Field Without Validator

Draft Variant

Structure: Simple

Description

The product has a form field that is not validated by a corresponding validation form, which can introduce other weaknesses related to insufficient input validation.

Extended Description

Omitting validation for even a single input field may give attackers the leeway they need to compromise the product. Although J2EE applications are not generally susceptible to memory corruption attacks, if a J2EE application interfaces with native code that does not perform array bounds checking, an attacker may be able to use an input validation mistake in the J2EE application to launch a buffer overflow attack.

Common Consequences 2

Scope: Integrity

Impact: Unexpected State

Scope: Integrity

Impact: Bypass Protection Mechanism

If unused fields are not validated, shared business logic in an action may allow attackers to bypass the validation checks that are performed for other uses of the form.

Potential Mitigations 1

Phase: Implementation

Validate all form fields. If a field is unused, it is still important to constrain it so that it is empty or undefined.

Demonstrative Examples 1

In the following example the Java class RegistrationForm is a Struts framework ActionForm Bean that will maintain user input data from a registration webpage for an online business site. The user will enter registration data and, through the Struts framework, the RegistrationForm bean will maintain the user data in the form fields using the private member variables. The RegistrationForm class uses the Struts validation capability by extending the ValidatorForm class and including the validation for the form fields within the validator XML file, validator.xml.

Code Example:

Result

bash

// private variables for registration form* private String name; private String address; private String city; private String state; private String zipcode; private String phone; private String email;

bash

bash

The validator XML file, validator.xml, provides the validation for the form fields of the RegistrationForm.

Code Example:Bad
XML
xml

However, in the previous example the validator XML file, validator.xml, does not provide validators for all of the form fields in the RegistrationForm. Validator forms are only provided for the first five of the seven form fields. The validator XML file should contain validator forms for all of the form fields for a Struts ActionForm bean. The following validator.xml file for the RegistrationForm class contains validator forms for all of the form fields.

Code Example:Good
XML
xml

References 1

Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors

Katrina Tsipenyuk, Brian Chess, and Gary McGraw

NIST Workshop on Software Security Assurance Tools Techniques and Metrics • NIST

07-11-2005

https://samate.nist.gov/SSATTM_Content/papers/Seven%20Pernicious%20Kingdoms%20-%20Taxonomy%20of%20Sw%20Security%20Errors%20-%20Tsipenyuk%20-%20Chess%20-%20McGraw.pdf

ID: REF-6

Applicable Platforms

Languages:

Java : Undetermined

Modes of Introduction

Implementation

Related Weaknesses

ChildOf:

Improper Use of Validation Framework (CWE-1173)

ChildOf:

Improper Input Validation (CWE-20)

Taxonomy Mapping

7 Pernicious Kingdoms
Software Fault Patterns