Add a more generic message for rule g204 (#688)

Cosmin Cojocar 2021-08-19 15:18:20 +02:00 committed by GitHub
parent b695b66e4d
commit d3309fb4f5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -77,7 +77,7 @@ func (r *subprocess) Match(n ast.Node, c *gosec.Context) (*gosec.Issue, error) {
} }
} else if !gosec.TryResolve(arg, c) { } else if !gosec.TryResolve(arg, c) {
// the arg is not a constant or a variable but instead a function call or os.Args[i] // the arg is not a constant or a variable but instead a function call or os.Args[i]
return gosec.NewIssue(c, n, r.ID(), "Subprocess launched with function call as argument or cmd arguments", gosec.Medium, gosec.High), nil return gosec.NewIssue(c, n, r.ID(), "Subprocess launched with a potential tainted input or cmd arguments", gosec.Medium, gosec.High), nil
} }
} }
} }
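Review bot: The new message on the `!gosec.TryResolve(arg, c)` branch is ungrammatical and still vague about what was detected; `"Subprocess launched with potentially tainted input or command arguments"` would read better than "a potential tainted input or cmd arguments". The comment above the return still names only a function call or `os.Args[i]`, while the branch appears to fire for any argument that TryResolve cannot resolve, so it could become `// the arg could not be resolved to a constant, so it may carry caller-controlled input`. Since the finding is now phrased as possible taint rather than an observed fact, it is worth confirming that `gosec.High` confidence is still the intended value for this issue. Match begins and ends outside this hunk, so the other branches that build G204 issues are not visible here.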