Hardening system command codemod hardens usage of constant data
nahsra opened this issue · 0 comments
nahsra commented
If you have code that looks like either of these:
private static final A = "a";
Runtime.getRuntime().exec(new String[]{"a", "b", "c"});
Runtime.getRuntime().exec(new String[]{A, "b", "c"});
... the codemod will change it, even though it's deducible that it's hardcoded/constant.