Packages
sobelow
0.6.2
0.14.1
0.14.0
0.13.0
0.12.2
0.12.1
0.12.0
0.11.1
0.11.0
0.10.6
0.10.5
0.10.4
0.10.3
0.10.2
0.10.1
0.10.0
0.9.3
0.9.2
0.9.1
0.9.0
0.8.0
0.7.8
0.7.7
0.7.6
0.7.5
0.7.4
0.7.3
0.7.2
0.7.1
0.7.0
0.6.9
0.6.8
0.6.7
0.6.6
0.6.5
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.4
0.5.3
0.5.2
0.5.1
0.5.0
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.12
0.3.11
0.3.10
0.3.9
0.3.8
0.3.7
0.3.6
0.3.5
0.3.4
0.3.3
0.3.2
0.3.1
0.3.0
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
Security-focused static analysis for Elixir & the Phoenix framework
Current section
Files
Jump to
Current section
Files
lib/sobelow/ci/system.ex
defmodule Sobelow.CI.System do
alias Sobelow.Utils
use Sobelow.Finding
@finding_type "Command Injection in `System.cmd`"
def run(fun, meta_file) do
severity = if meta_file.is_controller?, do: false, else: :low
{findings, params, {fun_name, [{_, line_no}]}} = parse_def(fun)
Enum.each findings, fn {finding, var} ->
Utils.add_finding(line_no, meta_file.filename, fun, fun_name,
var, Utils.get_sev(params, var, severity),
finding, @finding_type)
end
end
def parse_def(fun) do
Utils.get_fun_vars_and_meta(fun, 0, :cmd, [:System])
end
def details() do
Sobelow.CI.details()
end
end