Packages
sobelow
0.2.5
0.14.1
0.14.0
0.13.0
0.12.2
0.12.1
0.12.0
0.11.1
0.11.0
0.10.6
0.10.5
0.10.4
0.10.3
0.10.2
0.10.1
0.10.0
0.9.3
0.9.2
0.9.1
0.9.0
0.8.0
0.7.8
0.7.7
0.7.6
0.7.5
0.7.4
0.7.3
0.7.2
0.7.1
0.7.0
0.6.9
0.6.8
0.6.7
0.6.6
0.6.5
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.4
0.5.3
0.5.2
0.5.1
0.5.0
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.12
0.3.11
0.3.10
0.3.9
0.3.8
0.3.7
0.3.6
0.3.5
0.3.4
0.3.3
0.3.2
0.3.1
0.3.0
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
Security-focused static analysis for Elixir & the Phoenix framework
Current section
Files
Jump to
Current section
Files
lib/sobelow/ci.ex
defmodule Sobelow.CI do
@moduledoc """
# Command Injection
Command Injection vulnerabilities are a result of
passing untrusted input to an operating system shell,
and may result in complete system compromise.
Read more about Command Injection here:
https://www.owasp.org/index.php/Command_Injection
Command Injection checks can be ignored with the
following command:
$ mix sobelow -i CI
"""
@submodules [Sobelow.CI.System, Sobelow.CI.OS]
use Sobelow.Finding
def get_vulns(fun, filename, web_root) do
filename = String.replace_prefix(filename, "/", "")
path = web_root <> String.replace_prefix(filename, "web/", "")
|> Path.expand("")
|> String.replace_prefix("/", "")
allowed = @submodules -- Sobelow.get_ignored()
Enum.each allowed, fn mod ->
apply(mod, :run, [fun, path])
end
end
end