Avoid command injection

문서 > Datadog 보안 > Code Security > Static Code Analysis (SAST) > SAST Rules > Avoid command injection

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

ID: go-security/command-injection

Language: Go

Severity: Warning

Category: Security

CWE: 78

Description

In Go, the exec.Command function is used to run external commands. Using this function carelessly can lead to command injection vulnerabilities. Carefully review the data flow that leads to a command execution and ensures no data can be injected by a third-party.

Command injection occurs when untrusted input is passed directly to a system shell, allowing an attacker to execute arbitrary commands. This can result in unauthorized access to the system, data leaks, or other security breaches.

Avoid executing commands constructed using user-provided data, or if you must, always validate and sanitize user inputs before passing them to exec.Command.

How to remediate?

Either remove the user-controlled data, filter the potential command with a list of allowed command or sanitize the command before execution.

If there still are variables in the arguments to exec.Command after remediation, include the following comment before the line to suppress the warning:

// no-dd-sa:go-security/command-injection

Non-Compliant Code Examples

import (
	"context"
	"os"
	"os/exec"
)

func main() {
	directory := os.Args[1]
	ctx := context.Background()
	cmd := exec.CommandContext(ctx, "/bin/ls", directory)
	output, err := cmd.CombinedOutput()
}

import (
	"os"
	"os/exec"
)

func main() {
	directory1 := os.Args[1]
	directory2 := os.Args[2]
	cmd := exec.Command("/bin/ls", directory1, directory2)
	output, err := cmd.CombinedOutput()
}

Compliant Code Examples

import (
    "os/exec"
)

func main () {
    res, err := exec.Command("/bin/ls", "something")
}

import (
    "context"
    "os/exec"
)

func main () {
    ctx := context.Background()
    res, err := exec.CommandContext(ctx, "/bin/ls")
}