mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
14 lines
418 B
Python
14 lines
418 B
Python
"""File I/O — positive fixture.
|
|
|
|
Vulnerable function: opens a file at a user-controlled path.
|
|
Expected verdict: Confirmed (path traversal payload reaches /etc/passwd).
|
|
"""
|
|
|
|
|
|
def read_file(path):
|
|
"""Vulnerable: reads file at user-controlled path."""
|
|
try:
|
|
with open(path) as f:
|
|
print(f.read())
|
|
except (OSError, PermissionError) as e:
|
|
print(f"Error reading {path}: {e}", end="")
|