28 lines
538 B
Plaintext
28 lines
538 B
Plaintext
|
include::../description.adoc[]
|
||
|
|
|
||
|
|
include::../ask-yourself.adoc[]
|
||
|
|
|
||
|
|
include::../recommended.adoc[]
|
||
|
|
|
||
|
|
== Sensitive Code Example
|
||
|
|
|
||
|
|
----
|
||
|
|
public void SensitiveExample() {
|
||
|
|
String cmd="file.exe";
|
||
|
|
var startInfo = new ProcessStartInfo();
|
||
|
|
startInfo.FileName = cmd; // Sensitive: file.exe will be search in PATH directories
|
||
|
|
}
|
||
|
|
----
|
||
|
|
|
||
|
|
== Compliant Solution
|
||
|
|
|
||
|
|
----
|
||
|
|
public void CompliantExample() {
|
||
|
|
String cmd="/usr/bin/file.exe";
|
||
|
|
var startInfo = new ProcessStartInfo();
|
||
|
|
startInfo.FileName = cmd; // Compliant
|
||
|
|
}
|
||
|
|
----
|
||
|
|
|
||
|
|
include::../see.adoc[]
|