Severity: Critical
Score: 9.1
Accuracy: 50% Confirmed
Language: Go
CVSS v3.1: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Remote Command Execution vulnerability detected.
Passing unsanitized input to system commands can lead to command execution vulnerabilities. The following code, []string{"sh", "-c", req.FormValue("name")}, is vulnerable because it hands user-supplied data directly to a shell, which parses it as a command line.
An attacker can inject malicious commands into the application and force the operating system to execute them.
```go
import (
	"net/http"
	"os"
	"os/exec"
	"syscall"
)

// Vulnerable handler: the "name" form value becomes the script that "sh -c" parses.
func vulnerableHandler(w http.ResponseWriter, req *http.Request) {
	binary, lookErr := exec.LookPath("sh")
	if lookErr != nil {
		panic(lookErr)
	}
	env := os.Environ()
	args := []string{"sh", "-c", req.FormValue("name")} // user input parsed by the shell
	// syscall.Exec replaces the current process image, so the server process itself becomes the shell.
	execErr := syscall.Exec(binary, args, env)
	if execErr != nil {
		panic(execErr)
	}
}
```
Example: how to fix your code
The following code, args := []string{"echo", req.FormValue("name")}, is safer when processing user-entered data: the value is passed as a single argument-vector element, so no shell ever parses it.
An attacker can no longer inject malicious commands into the application as in the previous example. We do not recommend invoking operating system commands at all; where possible, reimplement the operation inside the application instead of calling a system command.
This is only an example:
```go
import (
	"net/http"
	"os"
	"os/exec"
	"syscall"
)

// Fixed handler: the "name" form value is one argv element, never a shell command line.
func fixedHandler(w http.ResponseWriter, req *http.Request) {
	binary, lookErr := exec.LookPath("echo")
	if lookErr != nil {
		panic(lookErr)
	}
	env := os.Environ()
	args := []string{"echo", req.FormValue("name")} // no "sh -c": shell metacharacters stay literal
	// syscall.Exec still replaces the current process image; see the note above about avoiding OS commands entirely.
	execErr := syscall.Exec(binary, args, env)
	if execErr != nil {
		panic(execErr)
	}
}
```
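The following added example (not the scanner's own code) goes one step further than the echo fix: it applies an allowlist to the user value before anything is executed, and shows the preferred in-process replacement beside an argv-only fallback. The allowlist pattern and the function names are assumptions chosen for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"os/exec"
	"regexp"
)

// nameAllowlist is a constructed, deliberately narrow pattern: letters, digits,
// dot, underscore and hyphen, 1 to 64 characters. Shell metacharacters such as
// ';', '|', '$', backticks and whitespace are rejected before anything runs.
var nameAllowlist = regexp.MustCompile(`^[A-Za-z0-9._-]{1,64}$`)

// ValidateName rejects any value that could change how a command line is parsed.
func ValidateName(name string) error {
	if !nameAllowlist.MatchString(name) {
		return fmt.Errorf("rejected name %q: outside allowlist", name)
	}
	return nil
}

// EchoInProcess does what `echo name` would do without spawning anything.
// Preferred form: there is no command line for an attacker to influence.
func EchoInProcess(name string) (string, error) {
	if err := ValidateName(name); err != nil {
		return "", err
	}
	return name + "\n", nil
}

// EchoViaArgv is the fallback when an external command truly is required: the
// value is a single argv element, so "a; id" is one literal argument, never a
// shell line. Unlike syscall.Exec, exec.Command keeps the server process alive.
func EchoViaArgv(name string) (string, error) {
	if err := ValidateName(name); err != nil {
		return "", err
	}
	cmd := exec.Command("echo", name) // no "sh -c": the shell never parses name
	var out bytes.Buffer
	cmd.Stdout = &out
	if err := cmd.Run(); err != nil {
		return "", err
	}
	return out.String(), nil
}
```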