hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-18 05:24:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Kernel#system -> Kernel.system

Browse Source
This commit is contained in:
Harry Maclean
2021-09-03 11:36:41 +01:00
parent 8f65d78cb5
commit 4ecc78effc
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ql/src/queries/security/cwe-078/CommandInjection.qhelp
View File

@@ -4,7 +4,7 @@
<qhelp>
<overview>
<p>Code that passes user input directly to
<code>Kernel#system</code>, <code>Kernel#exec</code>, or some other library
<code>Kernel.system</code>, <code>Kernel.exec</code>, or some other library
routine that executes a command, allows the user to execute malicious
code.</p>
@@ -24,7 +24,7 @@ safe before using it.</p>
<example>
<p>The following example shows code that takes a shell script that can be changed
maliciously by a user, and passes it straight to <code>Kernel#system</code>
maliciously by a user, and passes it straight to <code>Kernel.system</code>
without examining it first.</p>
<sample src="examples/command_injection.rb" />