...
Tool | Diagnostic |
---|---|
Taint mode | Insecure dependency in (system\|piped open) |
Related Guidelines
SEI CERT C Coding Standard | ENV33-C. Do not call system() if you do not need a command processor |
---|---|
SEI CERT C++ Secure Coding Standard | VOID ENV02-CPP. Do not call system() if you do not need a command processor |
CERT Oracle Secure Coding Standard for Java | IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method |
Bibliography
...