80 lines
1.9 KiB
Plaintext
80 lines
1.9 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
== Noncompliant Code Example
|
|
|
|
----
|
|
using System.Diagnostics;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace WebApplicationDotNetCore.Controllers
|
|
{
|
|
public class RSPEC2076OSCommandInjectionNoncompliantController : Controller
|
|
{
|
|
public IActionResult Index()
|
|
{
|
|
return View();
|
|
}
|
|
|
|
public IActionResult Run(string binary)
|
|
{
|
|
// If the value "/sbin/shutdown" is passed as binary and the web server is running as root,
|
|
// then the machine running the web server will be shut down and become unavailable for future requests
|
|
|
|
Process p = new Process();
|
|
p.StartInfo.FileName = binary; // Noncompliant
|
|
p.StartInfo.RedirectStandardOutput = true;
|
|
p.Start();
|
|
string output = p.StandardOutput.ReadToEnd();
|
|
p.Dispose();
|
|
|
|
return View();
|
|
}
|
|
}
|
|
}
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
----
|
|
using System.Diagnostics;
|
|
using System.Text.RegularExpressions;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace WebApplicationDotNetCore.Controllers
|
|
{
|
|
public class RSPEC2076OSCommandInjectionCompliantControllerController : Controller
|
|
{
|
|
public IActionResult Index()
|
|
{
|
|
return View();
|
|
}
|
|
|
|
public IActionResult Run(string binary)
|
|
{
|
|
if (binary.Equals("/usr/bin/ls") || binary.Equals("/usr/bin/cat"))
|
|
{
|
|
// only ls and cat commands are authorized
|
|
|
|
Process p = new Process();
|
|
p.StartInfo.FileName = binary; // Compliant
|
|
p.StartInfo.RedirectStandardOutput = true;
|
|
p.Start();
|
|
string output = p.StandardOutput.ReadToEnd();
|
|
p.Dispose();
|
|
}
|
|
|
|
return View();
|
|
}
|
|
}
|
|
}
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::rspecator-view[]
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::rspecator-view[]
|