using Microsoft.CSharp;
using Microsoft.CodeAnalysis.CSharp.Scripting;
using System;
using System.CodeDom.Compiler;
using System.Reflection;
using System.Web;
namespace Microsoft.CodeAnalysis.CSharp.Scripting
{
    /// <summary>
    /// Minimal stand-in for the Roslyn scripting entry point referenced by this test.
    /// Only the single <see cref="EvaluateAsync"/> overload the test calls is provided,
    /// so the call sites compile without the real scripting package.
    /// </summary>
    public static class CSharpScript
    {
        /// <summary>
        /// Test stub: accepts the script source and intentionally does nothing with it,
        /// so that only the call site (the injection sink) is what the analysis sees.
        /// </summary>
        /// <param name="code">Script text that the caller hands to the scripting API.</param>
        public static void EvaluateAsync(string code) { }
    }
}
public class CommandInjectionHandler : IHttpHandler
{
    /// <summary>
    /// Test case for the code-injection query: C# source taken from the request is
    /// compiled and executed without any validation. Both sinks below carry a BAD
    /// marker for the query under test.
    /// </summary>
    /// <param name="ctx">The current request; its <c>code</c> query-string value is attacker-controlled.</param>
    public void ProcessRequest(HttpContext ctx)
    {
        // Source: the "code" query-string parameter is untrusted, caller-supplied text.
        string code = ctx.Request.QueryString["code"];
        CSharpCodeProvider c = new CSharpCodeProvider();
        ICodeCompiler icc = c.CreateCompiler();

        CompilerParameters cp = new CompilerParameters();
        // BAD: Compiling unvalidated code from the user
        // Sink 1: the request string becomes an assembly that is instantiated and
        // invoked below, i.e. arbitrary code execution inside this process.
        CompilerResults cr = icc.CompileAssemblyFromSource(cp, code);

        System.Reflection.Assembly a = cr.CompiledAssembly;
        // CreateInstance yields null when the named type is absent; the sample does not
        // guard against that, so `o` may be null at this point.
        object o = a.CreateInstance("MyNamespace.MyClass");

        Type t = o.GetType();
        // GetMethod likewise yields null when "Eval" is absent — same caveat as above.
        MethodInfo mi = t.GetMethod("Eval");

        object s = mi.Invoke(o, null);

        // BAD: Use the Roslyn APIs to dynamically evaluate C#
        // Sink 2: the same untrusted string is passed straight to the scripting API.
        CSharpScript.EvaluateAsync(code);
    }

    /// <summary>
    /// Reports the handler as reusable across requests.
    /// </summary>
    public bool IsReusable
    {
        get
        {
            return true;
        }
    }

    // Local UI input; the sample treats its text as an injection source as well.
    System.Windows.Forms.RichTextBox box1;

    /// <summary>
    /// Evaluates the text box contents as C# without validation.
    /// </summary>
    void OnButtonClicked()
    {
        // BAD: Use the Roslyn APIs to dynamically evaluate C#
        CSharpScript.EvaluateAsync(box1.Text);
    }
}