hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Modify test

Browse Source
This commit is contained in:
jorgectf
2023-07-24 17:50:22 +02:00
parent 3ac94c33b2
commit 8f8c064632
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
python/ql/test/query-tests/Security/CWE-078-UnsafeShellCommandConstruction/src/unsafe_shell_test.py
View File

@@ -1,13 +1,9 @@
import os
import subprocess
import shlex
def unsafe_shell_one(name):
os.system("ping " + name) # $result=BAD
# shlex.quote sanitizer
os.system("ping " + shlex.quote(name)) # $result=OK
# f-strings
os.system(f"ping {name}") # $result=BAD
@@ -50,4 +46,8 @@ def subprocess_flag (name):
subprocess.Popen("ping " + name, shell=unknownValue) # OK - shell assumed to be False
def intentional(command):
os.system("fish -ic " + command) # $result=OK - intentional
os.system("fish -ic " + command) # $result=OK - intentional
import shlex
def unsafe_shell_sanitized(name):
os.system("ping " + shlex.quote(name)) # $result=OK - sanitized