You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I believe this is a false positive because even if file_prefix contains dangerous user input, it will be escaped before the system call. I might be missing something though.
The text was updated successfully, but these errors were encountered:
Background
Brakeman version: 4.2.1
Rails version: 5.1.6
Ruby version: 2.5.1
False Positive
Full warning from Brakeman:
Relevant code:
I believe this is a false positive because even if
file_prefix
contains dangerous user input, it will be escaped before the system call. I might be missing something though.The text was updated successfully, but these errors were encountered: