hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/query-tests/Security/CWE-078/tst_shell-command-injection-from-environment.js
Esben Sparre Andreasen ba714a1214 JS: add execa.shell tests
2020-12-22 09:01:43 +01:00

11 lines
383 B
JavaScript
Raw Permalink Blame History

var cp = require('child_process'),
path = require('path'),
execa = require("execa");
(function() {
cp.execFileSync('rm', ['-rf', path.join(__dirname, "temp")]); // GOOD
cp.execSync('rm -rf ' + path.join(__dirname, "temp")); // BAD
execa.shell('rm -rf ' + path.join(__dirname, "temp")); // NOT OK
execa.shellSync('rm -rf ' + path.join(__dirname, "temp")); // NOT OK
});
Reference in New Issue View Git Blame Copy Permalink