Add BAD markers to samples

2026-04-23 15:55:18 +02:00 · 2023-12-13 12:55:23 -05:00
parent 709649e9df
commit e14be0e971
2 changed files with 3 additions and 1 deletions
--- a/java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironmentName.java
+++ b/java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironmentName.java
@@ -3,7 +3,8 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) {
    String value = request.getParameter("value");

    Map<String, String> env = processBuilder.environment();
-    env.put(attribute, value);
+    // BAD: attr and value are tainted and being added to the environment
+    env.put(attr, value);

    processBuilder.start();
 }
--- a/java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironmentValue.java
+++ b/java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironmentValue.java
@@ -2,6 +2,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) {
    String path = request.getParameter("path");

    Map<String, String> env = processBuilder.environment();
+    // BAD: path is tainted and being added to the environment
    env.put("PATH", path);

    processBuilder.start();