From 9bb79968e5330ad350da015ee07c567df958b9d4 Mon Sep 17 00:00:00 2001
From: ZeroPath
Date: Mon, 7 Jul 2025 22:41:13 +0000
Subject: [PATCH 1/2] fix: replace insecure pickle deserialization with safe JSON handling
---
 owasp-top10-2021-apps/a8/amarelo-designs/app/app.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py b/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py
index 92e24231e..e02c418f8 100644
--- a/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py
+++ b/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py
@@ -2,7 +2,7 @@ from flask import Flask, request, make_response, render_template, redirect, flash
 import uuid
-import pickle
+import json
 import base64
 app = Flask(__name__)
@@ -20,8 +20,8 @@ def login():
 if username == "admin" and password == "admin":
 token = str(uuid.uuid4().hex)
 cookie = { "username":username, "admin":True, "sessionId":token }
- pickle_resultado = pickle.dumps(cookie)
- encodedSessionCookie = base64.b64encode(pickle_resultado)
+ json_bytes = json.dumps(cookie).encode('utf-8')
+ encodedSessionCookie = base64.b64encode(json_bytes)
 resp = make_response(redirect("/user"))
 resp.set_cookie("sessionId", encodedSessionCookie)
 return resp
@@ -37,7 +37,8 @@ def userInfo():
 cookie = request.cookies.get("sessionId")
 if cookie == None:
 return "Não Autorizado!"
- cookie = pickle.loads(base64.b64decode(cookie))
+ decoded = base64.b64decode(cookie)
+ cookie = json.loads(decoded.decode('utf-8'))
 return render_template('user.html')
From 8fce109781cfa208c65cffad1649c819eeddf525 Mon Sep 17 00:00:00 2001
From: ZeroPath
Date: Mon, 7 Jul 2025 22:47:59 +0000
Subject: [PATCH 2/2] docs: add comments to enhance code readability and context
---
 owasp-top10-2021-apps/a8/amarelo-designs/app/app.py | 7 +++++++
 1 file changed, 7 insertions(+)
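Review bot: The replacement on the `json_bytes`/`encodedSessionCookie` lines removes the deserialization sink but leaves the cookie unauthenticated: base64 is an encoding, not a MAC, so the `"admin": True` and `username` claims it carries remain client-controlled and nothing server-side can distinguish a forged cookie from a real one. Flask's built-in `session` (a cookie signed with `app.config['SECRET_KEY']`), or signing the payload with `itsdangerous` before encoding, would give this endpoint the integrity it needs; the context line `resp.set_cookie("sessionId", encodedSessionCookie)` should also pass `httponly=True` and `samesite='Lax'` (and `secure=True` once served over TLS). Minor: `encodedSessionCookie` is `bytes`, and whether `set_cookie` accepts bytes depends on the Werkzeug version in use, so `encodedSessionCookie = base64.b64encode(json_bytes).decode('ascii')` is the safer form. The body of `login()` starts and continues outside the hunk.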
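Review bot: The two added lines in `userInfo()` decode the cookie but never use the result — `cookie` is overwritten and then dropped before `render_template('user.html')`, so any value that base64- and JSON-decodes reaches the page, while a malformed value raises `binascii.Error`, `UnicodeDecodeError` or `json.JSONDecodeError` out of the view as a 500 instead of the existing "Não Autorizado!" response. All three derive from `ValueError`, so one `except ValueError` around the two lines restores the unauthorized path, and the decoded `sessionId` should then be checked against server-side state before rendering, since the `admin`/`username` fields in the cookie are client-supplied and cannot be trusted on their own. One thing to confirm with the maintainers: the path `owasp-top10-2021-apps/a8` suggests this is an intentionally vulnerable training app for A08 (Software and Data Integrity Failures), in which case removing the insecure-deserialization sink changes what the exercise demonstrates. `userInfo()` starts before the hunk.
```python
    # … unchanged: cookie presence check …
    try:
        decoded = base64.b64decode(cookie)
        cookie = json.loads(decoded.decode('utf-8'))
    except ValueError:  # binascii.Error, UnicodeDecodeError and JSONDecodeError all derive from it
        return "Não Autorizado!"
    # TODO: confirm cookie is a dict and look up cookie.get("sessionId") in server-side session state before rendering
    return render_template('user.html')
```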
diff --git a/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py b/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py
index e02c418f8..a41f06a07 100644
--- a/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py
+++ b/owasp-top10-2021-apps/a8/amarelo-designs/app/app.py
@@ -7,10 +7,12 @@ app = Flask(__name__)
+# Home sweet home: render the landing page
 @app.route("/")
 def ola():
 return render_template('index.html')
+# Admin login flow: only for the big boss
 @app.route("/admin", methods=['GET','POST'])
 def login():
 if request.method == 'POST':
@@ -20,6 +22,7 @@ def login():
 if username == "admin" and password == "admin":
 token = str(uuid.uuid4().hex)
 cookie = { "username":username, "admin":True, "sessionId":token }
+ # Rolling with JSON serialization + base64 for that secret sauce
 json_bytes = json.dumps(cookie).encode('utf-8')
 encodedSessionCookie = base64.b64encode(json_bytes)
 resp = make_response(redirect("/user"))
@@ -37,13 +40,17 @@ def userInfo():
 cookie = request.cookies.get("sessionId")
 if cookie == None:
 return "Não Autorizado!"
+ # Decode the good vibes from our secure cookie
 decoded = base64.b64decode(cookie)
+ # Unwrap JSON to get the session details
 cookie = json.loads(decoded.decode('utf-8'))
+ # Show user dashboard, enjoy the ride!
 return render_template('user.html')
 if __name__ == '__main__':
+ # All aboard the server express!
 app.run(debug=True,host='0.0.0.0')
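Review bot: The comment added in `userInfo()`, `# Decode the good vibes from our secure cookie`, asserts a property the code does not have: base64 is an encoding, not encryption or a signature, and nothing in the hunk verifies the cookie, so a reader is told the value is trustworthy when it is client-controlled. Replace it with a comment that states the limitation at the sink, e.g. `# Cookie is base64(JSON) with no signature: its contents are client-supplied`. The other additions in this patch (`# Home sweet home: render the landing page`, `# Admin login flow: only for the big boss`, `# Rolling with JSON serialization + base64 for that secret sauce`, `# Show user dashboard, enjoy the ride!`, `# All aboard the server express!`) restate the next line in a jokey register the rest of the file does not use and explain no "why"; the `app.run` comment in particular would be better spent noting that `debug=True` enables the interactive Werkzeug debugger and is intended for local development only. `login()` and `userInfo()` extend beyond their hunks.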