
Directory Traversal

Physical file names can be specified as the content of a character-like data object in the statements and the system class of the ABAP file interface. If some or all of this content originates outside the calling program, an attacker can steer the access to files or file paths that the program was never intended to reach (this is known as directory traversal). The following are potential security risks when input from outside is used to access the ABAP file interface:

  • A file name used in the statements OPEN DATASET and DELETE DATASET originates either partly or in full from outside the program.
  • A file name passed to the method CREATE_UTF8_FILE_WITH_BOM of the system class CL_ABAP_FILE_UTILITIES originates either partly or in full from outside the program.

To counter this security risk, the file names must be validated, either with a self-programmed check or with the function module FILE_VALIDATE_NAME. This function module checks whether a physical file name matches a logical file name or whether it is a valid directory. It requires that the matching logical file names or logical paths have been created using the transactions FILE or SF01.
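The following report is an added example, not part of the ABAP Keyword Documentation: a physical file name entered on the selection screen is checked with FILE_VALIDATE_NAME against a logical file name before OPEN DATASET uses it. The logical file name Z_DEMO_LOG and the default path are assumptions; Z_DEMO_LOG must be defined in transaction FILE for the check to succeed.

```abap
REPORT z_directory_traversal_check.

" Added example (not from the ABAP Keyword Documentation).
" p_file is input from outside the program and must not reach the
" file interface unvalidated.
PARAMETERS p_file TYPE c LENGTH 255 LOWER CASE
  DEFAULT '/usr/sap/demo/report.txt'.   " constructed sample path

DATA: physical_filename TYPE string,
      line              TYPE string.

START-OF-SELECTION.
  physical_filename = p_file.

  " FILE_VALIDATE_NAME checks whether the physical name matches the
  " pattern behind the logical file name Z_DEMO_LOG (assumed to exist
  " in transaction FILE) or whether it is a valid directory.
  CALL FUNCTION 'FILE_VALIDATE_NAME'
    EXPORTING
      logical_filename           = 'Z_DEMO_LOG'
    CHANGING
      physical_filename          = physical_filename
    EXCEPTIONS
      logical_filename_not_found = 1
      validation_failed          = 2
      OTHERS                     = 3.

  IF sy-subrc <> 0.
    " A name that leaves the permitted path (for example via '..'
    " segments) or an unknown logical file name ends up here.
    MESSAGE 'File name rejected, no file access performed'
      TYPE 'S' DISPLAY LIKE 'E'.
    RETURN.
  ENDIF.

  " Only a validated name is passed to the file interface.
  OPEN DATASET physical_filename FOR INPUT IN TEXT MODE ENCODING DEFAULT.
  IF sy-subrc <> 0.
    MESSAGE 'File could not be opened' TYPE 'S' DISPLAY LIKE 'E'.
    RETURN.
  ENDIF.

  READ DATASET physical_filename INTO line.
  CLOSE DATASET physical_filename.
  WRITE: / 'First line:', line.
```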



Notes

  • If a program uses logical file names exclusively, instead of physical file names, the physical file names or paths required by the statements are constructed using the function module FILE_GET_NAME only. In this case, validation is not usually necessary.

Example

See the examples under Validating File Names.