hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-02 04:10:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
146a3a929d0ca89a5ba75c73f11e8bb009ff74fe
codeql/javascript/ql/src/Security/CWE-078/examples/command-injection_shellquote.js
Max Schaefer f89992eb16 Address more review feedback.
2023-07-05 12:02:11 +01:00

11 lines
308 B
JavaScript
Raw Blame History

var cp = require("child_process"),
http = require('http'),
url = require('url'),
shellQuote = require('shell-quote');
var server = http.createServer(function(req, res) {
let options = url.parse(req.url, true).query.options;
cp.execFileSync('wc', shellQuote.parse(options)); // GOOD
});
Reference in New Issue View Git Blame Copy Permalink