Prevent shell injection


ID: csharp-security/shell-injection

Language: C#

Severity: Warning

Category: Security


Never build a command to execute manually by concatenating strings. Instead, validate each component of the command to ensure there is no user-input.

Learn More

Non-Compliant Code Examples

public class Sample
    public void myMethod(string myProgram)
        Process p = new Process();
        p.StartInfo.FileName = "path/to/" + myProgram;
} jetbrains

Seamless integrations. Try Datadog Code Analysis