hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Add test of more indirect command injection sinks

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-09-28 11:16:34 +02:00
parent f7f6564189
commit 3af5c720cc
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/test/experimental/library-tests/frameworks/stdlib/SystemCommandExecution.py
View File

@@ -104,6 +104,13 @@ subprocess.Popen(["cmd.exe", "/C", "vuln"]) # $SystemCommandExecution_getComman
subprocess.Popen(["cmd", "/c", "vuln"]) # $SystemCommandExecution_getCommand="cmd" $f-:SystemCommandExecution_getCommand="vuln"
subprocess.Popen(["cmd", "/C", "vuln"]) # $SystemCommandExecution_getCommand="cmd" $f-:SystemCommandExecution_getCommand="vuln"
subprocess.Popen(["<progname>", "-c", "vuln"], executable="/bin/bash") # $SystemCommandExecution_getCommand="/bin/bash" $f-:SystemCommandExecution_getCommand="vuln"
if UNKNOWN:
os.execl("/bin/sh", "<progname>", "-c", "vuln") # $SystemCommandExecution_getCommand="/bin/sh" $f-:SystemCommandExecution_getCommand="vuln"
os.spawnl(os.P_WAIT, "/bin/sh", "<progname>", "-c", "vuln") # $SystemCommandExecution_getCommand="/bin/sh" $f-:SystemCommandExecution_getCommand="vuln"
################################################################################
# Taint related