User input flows into a system command. This allows a malicious user to inject additional commands and take control of the system. The value can be escaped with shellescape (`Shellwords.escape`) before it reaches the shell to prevent injection.
class UsersController < ActionController::Base
  # Noncompliant example. (The method name says "compliant", but this is the
  # unescaped variant; the names of the two examples on this page appear to be
  # swapped.) The request parameter goes straight into system(): when a single
  # string contains shell metacharacters Ruby runs it through the shell, so the
  # caller decides which commands execute and with which arguments.
  def oscommand_injection_compliant
    # Noncompliant: User data used directly as a command without escaping
    system(params[:cmd])
  end
end
require "shellwords"

class UsersController < ActionController::Base
  # Compliant example. (Despite the "noncompliant" method name this is the
  # escaped variant; the two example names on this page appear to be swapped.)
  #
  # Shellwords.escape backslash-escapes every shell metacharacter, so the
  # parameter reaches the shell as one word and cannot append commands, pipes
  # or extra arguments. It does not restrict WHICH program that word names, so
  # a real endpoint should still check the value against an allowlist of
  # permitted commands, or use the multi-argument form system("prog", arg)
  # with a fixed program name.
  def oscommand_injection_noncompliant
    escaped = Shellwords.escape(params[:cmd])
    # Compliant: User data has been escaped
    system(escaped)
  end
end