1 parent a574f23 commit 84c335aCopy full SHA for 84c335a
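--- a/src/python/detectors/log_injection/log_injection.py
+++ b/src/python/detectors/log_injection/log_injection.py
@@ -16,7 +16,7 @@ def logging_noncompliant():
 # {fact rule=log-injection@v1.0 defects=0}
 def logging_compliant():
 filename = input("Enter a filename: ")
- if filename.isalnum():
+ if re.match(r'^[\w_ -\.]+$', filename):
 # Compliant: input is validated before logging.
 logger.info("Processing %s", filename)
 # {/fact}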
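Review bot: In the new `re.match` line the character class `[\w_ -\.]` contains ` -\.`, which Python parses as a range from space to `.`, so it also admits `!"#$%&'()*+,` rather than only space, hyphen and dot; the `_` is redundant because `\w` already covers it. The `$` anchor also matches just before a trailing newline, which is the character this compliant example is meant to keep out of the log; `input()` strips it here, but the pattern is likely to be reused on other input sources. I would write the check as `if re.fullmatch(r'[\w .-]+', filename):`. The hunk does not show an `import re`, so confirm the module imports it.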