Rule ID: csharp-security/shell-injection
Language: C#
Severity: Warning
Category: Security
CWE: 78
Description: Never build a command to execute by manually concatenating strings. Instead, validate each component of the command to ensure it contains no user input.
// Non-Compliant Code Examples
public class Sample
{
    /// <summary>
    /// Launches a program located under "path/to/". The executable name is built by
    /// concatenating the caller-supplied <paramref name="myProgram"/> into
    /// ProcessStartInfo.FileName, which is the pattern this rule reports.
    /// </summary>
    /// <param name="myProgram">Program name appended to the fixed directory prefix.</param>
    public void myMethod(string myProgram)
    {
        var startInfo = new ProcessStartInfo();
        startInfo.FileName = "path/to/" + myProgram;

        var process = new Process();
        process.StartInfo = startInfo;
        process.Start();
    }
}
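public class Runner
{
    /// <summary>
    /// Starts <paramref name="cmd"/> with <paramref name="args"/>, feeds
    /// <paramref name="input"/> to its standard input and waits for it to exit.
    /// </summary>
    /// <param name="cmd">Executable to run. It is used directly as FileName, which is what
    /// csharp-security/shell-injection reports when the value can originate from user input.</param>
    /// <param name="args">Argument string handed to the process unchanged.</param>
    /// <param name="input">Text written to the process's standard input.</param>
    /// <returns>The exit code of the finished process.</returns>
    public static int Run(string cmd, string args, string input)
    {
        ProcessStartInfo startInfo = new ProcessStartInfo
        {
            WorkingDirectory = Settings.RootDir,
            FileName = cmd,
            Arguments = args,
            UseShellExecute = false,
            RedirectStandardInput = true,
            RedirectStandardError = true,
            RedirectStandardOutput = true,
        };

        using (Process process = new Process())
        {
            process.EnableRaisingEvents = true;
            process.StartInfo = startInfo;
            process.Start();

            // stdin is redirected, so deliver the caller's input and close the pipe;
            // otherwise the child never sees EOF. The original left `input` unused.
            process.StandardInput.Write(input);
            process.StandardInput.Close();

            // NOTE(review): stdout/stderr are redirected but never drained here; a child
            // that writes more than the pipe buffer will block before it can exit.
            process.WaitForExit();

            // The original method had no return statement, which does not compile for a
            // method declared to return int.
            return process.ExitCode;
        }
    }
}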
Compliant Code Examples using Microsoft.AspNetCore.Mvc ;
using System ;
using System.Diagnostics ;
using System.IO ;
using System.Web ;
namespace OwaspBenchmark.Controllers
{
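// OWASP Benchmark command-injection test case (cmdi-03). It is "compliant" with
// csharp-security/shell-injection only in the narrow sense that ProcessStartInfo.FileName
// is not built by string concatenation: the URL-decoded request parameter still reaches
// `sh -c` / `cmd.exe /c` through Arguments, and the benchmark keeps that injection on
// purpose ("Vulnerability is maintained"). Do not copy this as a safe pattern.
public class Cmdi03Controller : Controller
{
    /// <summary>
    /// Runs a fixed shell command whose arguments include the URL-decoded
    /// <paramref name="BenchmarkTest02611"/> query parameter and returns the captured output.
    /// </summary>
    /// <param name="BenchmarkTest02611">Query-string parameter under test.</param>
    /// <returns>The child's stdout and stderr as text, or an explanatory message.</returns>
    [Route("cmdi-03/BenchmarkTest02611")]
    public IActionResult BenchmarkTest02611(string BenchmarkTest02611)
    {
        string param = BenchmarkTest02611;
        if (string.IsNullOrEmpty(param))
        {
            return Content("getQueryString() couldn't find expected parameter 'BenchmarkTest02611' in query string.");
        }

        param = HttpUtility.UrlDecode(param);
        string bar = DoSomething(param);

        // The original was transliterated from Java (System.getProperty("os.name") does
        // not exist in C#); Environment.OSVersion gives the same Windows-vs-other split.
        bool isWindows = Environment.OSVersion.Platform == PlatformID.Win32NT;
        string[] args;
        if (isWindows)
        {
            // Vulnerability is maintained: bar is passed to cmd.exe /c as a separate token.
            args = new string[] { "cmd.exe", "/c", "echo ", bar };
        }
        else
        {
            // Vulnerability is maintained: bar is concatenated into the sh -c command string.
            args = new string[] { "sh", "-c", "ls " + bar };
        }

        try
        {
            ProcessStartInfo psi = new ProcessStartInfo();
            psi.FileName = args[0];
            // The (array, startIndex, count) overload of string.Join replaces args.Skip(1),
            // which required System.Linq (not imported by this file).
            psi.Arguments = string.Join(" ", args, 1, args.Length - 1);
            psi.UseShellExecute = false;
            psi.RedirectStandardOutput = true;
            psi.RedirectStandardError = true;

            // Dispose the Process handle once the output has been collected.
            using (Process p = Process.Start(psi))
            {
                // NOTE(review): reading stdout to the end before stderr can deadlock if the
                // child fills the stderr pipe first; kept sequential to match the benchmark.
                string output = p.StandardOutput.ReadToEnd();
                string error = p.StandardError.ReadToEnd();
                p.WaitForExit();
                return Content("Output:\n" + output + "\nError:\n" + error);
            }
        }
        catch (Exception e)
        {
            return Content("Problem executing cmdi - TestCase: " + e.Message);
        }
    }

    /// <summary>
    /// Passes <paramref name="param"/> through the benchmark's ThingFactory indirection.
    /// The only implementation in this listing (RealThing) returns its input unchanged.
    /// </summary>
    private static string DoSomething(string param)
    {
        ThingInterface thing = ThingFactory.CreateThing();
        string bar = thing.DoSomething(param);
        return bar;
    }
}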
/// <summary>
/// Abstraction the benchmark controller routes the request parameter through before
/// using it. The only implementation in this listing (RealThing) returns its input unchanged.
/// </summary>
public interface ThingInterface
{
    /// <summary>Returns a value derived from <paramref name="param"/>.</summary>
    string DoSomething(string param);
}
/// <summary>Creates the <see cref="ThingInterface"/> implementation used by the benchmark controller.</summary>
public class ThingFactory
{
    /// <summary>Always returns a fresh <see cref="RealThing"/>.</summary>
    public static ThingInterface CreateThing() => new RealThing();
}
/// <summary>
/// Identity implementation of <see cref="ThingInterface"/>: the parameter comes back
/// untouched, so whatever the caller received from the request is what reaches the shell.
/// </summary>
public class RealThing : ThingInterface
{
    /// <summary>Returns <paramref name="param"/> unchanged.</summary>
    public string DoSomething(string param) => param;
}
}