...
The single argument version of the Runtime.exec() method uses a StringTokenizer to parse the argument into separate tokens. Consequently, command separators maliciously inserted into the argument fail to delimit the original command, so an adversary is unable to execute arbitrary system commands. Nevertheless, this noncompliant code example remains vulnerable, because a lax security policy could permit an attacker to invoke an external (and potentially privileged) program.
```java
String programName = System.getProperty("program.name");
if (programName != null) {
    // Noncompliant: runs a program whose name is controlled by the user
    Runtime runtime = Runtime.getRuntime();
    Process proc = runtime.exec(programName);
}
```
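As an added example (not code from the CERT page or its compliant solution), the following Java program shows both halves of the point above: how the whitespace tokenization used by Runtime.exec(String) leaves a command separator embedded inside a token rather than starting a second command, and an allowlist-based launcher that maps a user-supplied program.name to a fixed command vector instead of handing the string to exec. The allowlist entries (list, date) and their binary paths are assumed values for this example.

```java
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;

public final class ProgramLauncher {

    // Allowlist: the only external programs this application may start,
    // each mapped to a fixed argument vector (assumed names and paths).
    private static final Map<String, List<String>> ALLOWED = Map.of(
        "list", List.of("/bin/ls", "-l"),
        "date", List.of("/bin/date"));

    /** Splits a command string the way Runtime.exec(String) does: on whitespace only. */
    static List<String> tokenize(String command) {
        List<String> tokens = new ArrayList<>();
        StringTokenizer st = new StringTokenizer(command);
        while (st.hasMoreTokens()) {
            tokens.add(st.nextToken());
        }
        return tokens;
    }

    /** Starts a program only if the user-supplied name is on the allowlist. */
    static Process launch(String programName) throws IOException {
        List<String> argv = ALLOWED.get(programName);
        if (argv == null) {
            throw new IllegalArgumentException("program not permitted: " + programName);
        }
        // The argument vector is fixed by the application, never by the caller
        return new ProcessBuilder(argv).start();
    }

    public static void main(String[] args) throws IOException {
        // "ls; echo injected" becomes [ls;, echo, injected]: the ';' is just
        // part of the first token and is never interpreted by a shell
        System.out.println(tokenize("ls; echo injected"));

        // Constructed input: anything outside ALLOWED is rejected before exec
        String requested = System.getProperty("program.name", "date");
        Process proc = launch(requested);
        System.out.println("started pid " + proc.pid());
    }
}
```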
...