Explain command substitution

intrigus-lgtm
2022-08-17 22:30:43 +02:00
committed by GitHub
parent 45f708bb58
commit f978951cbe

@@ -4,7 +4,10 @@
<qhelp>
<overview>
<p>The code passes user input to <code>wordexp</code>. This leaves the code
vulnerable to attack by command injection, because <code>wordexp</code> performs command substitution.</p>
vulnerable to attack by command injection, because <code>wordexp</code> performs command substitution.
Command substitution is a feature that replaces <code>$(command)</code> or <code>`command`</code> with the
output of the given command, allowing the user to run arbitrary code on the system.
</p>
</overview>
<recommendation>
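Review bot: the added sentence ending in "allowing the user to run arbitrary code on the system" names the wrong actor: the paragraph opens by saying the code passes *user input* to `wordexp`, so the party who gains from command substitution is whoever controls that input, not the program's user in general. Suggest "allowing an attacker who controls the input to run arbitrary commands on the system". It would also read more precisely to call command substitution a shell feature that `wordexp` reproduces, e.g. "Command substitution is a shell feature, also performed by <code>wordexp</code>, that replaces <code>$(command)</code> or <code>`command`</code> with the output of the given command", since that is what makes the `wordexp` call dangerous in the first place.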