-
Notifications
You must be signed in to change notification settings - Fork 132
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pySCG adding CWE-78 code and doc #689
Conversation
Signed-off-by: Helge Wehder <[email protected]>
Co-authored-by: Georg Kunz <[email protected]> Signed-off-by: myteron <[email protected]>
Co-authored-by: Georg Kunz <[email protected]> Signed-off-by: myteron <[email protected]>
Co-authored-by: Georg Kunz <[email protected]> Signed-off-by: myteron <[email protected]>
|
||
``` | ||
|
||
Instead of listing files, the code in `noncompliant01.py` prints the first line of `/etc/passwd` on Linux or starts `net user` under Windows. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems to behave differently for me in Windows... we should discuss
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
updated content to explain a bit more
addressed typos and phrasing comments by bart Signed-off-by: myteron <[email protected]>
Signed-off-by: myteron <[email protected]>
Signed-off-by: myteron <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I cannot test the Windows runtime behavior issue @BartyBoi1128 pointed out, but I am ok with the other changes.
Got approval from Bart. This is part of #531 |
Adding CWE-78 as part of #531
also building on top of discussion from #654