=== How to fix it in Apache Commons

include::../../common/fix/code-rationale.adoc[]

==== Non-compliant code example

[source,java,diff-id=1,diff-type=noncompliant]
----
@Controller
public class ExampleController
{
    @GetMapping(value = "/exec")
    public void exec(@RequestParam("command") String command) throws IOException {

        CommandLine cmd = new CommandLine(command);
        DefaultExecutor executor = new DefaultExecutor();
        executor.execute(cmd);
    }
}
----

==== Compliant solution

[source,java,diff-id=1,diff-type=compliant]
----
@Controller
public class ExampleController
{
    @GetMapping(value = "/exec")
    public void exec(@RequestParam("command") String command) throws IOException {

        List<String> allowedCmds = new ArrayList<String>();
        allowedCmds.add("/bin/ls");
        allowedCmds.add("/bin/cat");

        if (allowedCmds.contains(command)){
            CommandLine cmd = new CommandLine(command);
            DefaultExecutor executor = new DefaultExecutor();
            executor.execute(cmd);
        }
    }
}
----

=== How does this work?

include::../../common/fix/introduction.adoc[]

include::../../common/fix/pre-approved-list.adoc[]

:sanitizationLib: org.apache.commons.exec.CommandLine.addArguments(String[] addArguments)
include::../../common/fix/sanitize-meta-characters.adoc[]

Here `{sanitizationLib}` takes care of escaping the passed arguments and
internally creates a single string given to the operating system to be
executed.