Docs review suggestions
Co-authored-by: Felicity Chapman <felicitymay@github.com>
committed by
Ed Minnix
parent
a528db8958
commit
938d52b86f
@@ -25,6 +25,12 @@ safe before using it.</p>
|
||||
<p>In the following (BAD) example, an environment variable is set with a name that is derived from the user input <code>var</code> without validation.</p>
|
||||
|
||||
<sample src="ExecTaintedEnvironmentName.java" />
|
||||
<p>In the following (GOOD) example, the user's input is validated before being used to set the environment variable.</p>
|
||||
|
||||
<sample src="ExecTaintedEnvironmentValidated.java" />
|
||||
|
||||
<p>In the following (GOOD) example, the user's input is checked and used to determine an environment variable to add.</p>
|
||||
|
||||
<sample src="ExecTaintedEnvironmentChecked.java" />
|
||||
</example>
|
||||
</qhelp>
|
||||
@@ -1,7 +1,7 @@
|
||||
/**
|
||||
* @name Building a command with an injected environment variable
|
||||
* @description Using externally controlled strings in the environment variables
|
||||
* passed to a command line is vulnerable to malicious changes to the
|
||||
* @description Passing environment variables containing externally controlled
|
||||
* strings to a command line is vulnerable to malicious changes to the
|
||||
* environment of a subprocess.
|
||||
* @problem.severity error
|
||||
* @kind path-problem
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
Map<String, String> env = builder.environment();
|
||||
String debug = request.getParameter("debug");
|
||||
|
||||
if (debug != null) {
|
||||
env.put("PYTHONDEBUG", "1");
|
||||
}
|
||||
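Review bot: This sample carries no `// GOOD:` comment, unlike its sibling sample, so a reader landing on it alone cannot see why it is safe: the request value is only used as a presence test on `if (debug != null) {`, and both the variable name and value handed to `env.put` are fixed string literals. I would add `// GOOD: the request parameter only decides whether to set the variable; its name and value are constants` above the `if`. The builder is named `builder` here but `processBuilder` in the other sample; presumably both are a `ProcessBuilder`, and one name across the paired samples would read more consistently.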
@@ -0,0 +1,9 @@
|
||||
String opt = request.getParameter("opt");
|
||||
String value = request.getParameter("value");
|
||||
|
||||
Map<String, String> env = processBuilder.environment();
|
||||
|
||||
// GOOD: opt and value are checked before being added to the environment
|
||||
if (permittedJavaOptions.contains(opt) && validOption(opt, value)) {
|
||||
env.put(opt, value);
|
||||
}
|
||||
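Review bot: `permittedJavaOptions` and `validOption` are undeclared in the snippet, so the existing comment on the `if` line does not tell the reader what kind of check satisfies the query — presumably `permittedJavaOptions` is a fixed allow-list of variable names and `validOption` checks that `value` is well-formed for that option, but that is not visible here. I would expand the comment to `// GOOD: opt must be in a fixed allow-list of variable names, and validOption checks that value is well-formed for that option` so the example is not read as "any contains() call suffices". If `permittedJavaOptions` is an immutable `Set.of(...)`, `contains(opt)` throws a NullPointerException when the parameter is absent; whether that matters for the sample cannot be confirmed from the hunk.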