mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
Add a more generic message for rule g204 (#688)
This commit is contained in:
parent
b695b66e4d
commit
d3309fb4f5
1 changed files with 1 additions and 1 deletions
|
@ -77,7 +77,7 @@ func (r *subprocess) Match(n ast.Node, c *gosec.Context) (*gosec.Issue, error) {
|
||||||
}
|
}
|
||||||
} else if !gosec.TryResolve(arg, c) {
|
} else if !gosec.TryResolve(arg, c) {
|
||||||
// the arg is not a constant or a variable but instead a function call or os.Args[i]
|
// the arg is not a constant or a variable but instead a function call or os.Args[i]
|
||||||
return gosec.NewIssue(c, n, r.ID(), "Subprocess launched with function call as argument or cmd arguments", gosec.Medium, gosec.High), nil
|
return gosec.NewIssue(c, n, r.ID(), "Subprocess launched with a potential tainted input or cmd arguments", gosec.Medium, gosec.High), nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue