include::../description.adoc[]

== Noncompliant Code Example

----
using System.Diagnostics;
using Microsoft.AspNetCore.Mvc;

namespace WebApplicationDotNetCore.Controllers
{
    public class NoncompliantController : Controller
    {
        public IActionResult Index()
        {
            return View();
        }

        public IActionResult Run(string args)
        {
            Process p = new Process();
            p.StartInfo.FileName = "/usr/bin/file.exe""; 
            p.StartInfo.Arguments = args; // Noncompliant
            p.StartInfo.RedirectStandardOutput = true;
            p.Start();
            string output = p.StandardOutput.ReadToEnd();
            p.Dispose();

            return View();
        }
    }
}
----

== Compliant Solution

----
using System.Diagnostics;
using System.Text.RegularExpressions;
using Microsoft.AspNetCore.Mvc;

namespace WebApplicationDotNetCore.Controllers
{
    public class CompliantController : Controller
    {
        public IActionResult Index()
        {
            return View();
        }

        public IActionResult Run(string arg)
        {
            Process p = new Process();
            p.StartInfo.FileName = "/usr/bin/file.exe""; 
            p.StartInfo.ArgumentList.Add(arg); // Compliant
            p.StartInfo.RedirectStandardOutput = true;
            p.Start();
            string output = p.StandardOutput.ReadToEnd();
            p.Dispose();

            return View();
        }
    }
}
----

include::../see.adoc[]