Modify test

jorgectf · jorgectf · commit 8f8c0646327f · 2023-07-24T17:50:22.000+02:00
diff --git a/python/ql/test/query-tests/Security/CWE-078-UnsafeShellCommandConstruction/src/unsafe_shell_test.py b/python/ql/test/query-tests/Security/CWE-078-UnsafeShellCommandConstruction/src/unsafe_shell_test.py
@@ -1,13 +1,9 @@
 import os
 import subprocess
-import shlex
 
 def unsafe_shell_one(name):
     os.system("ping " + name) # $result=BAD
 
-    # shlex.quote sanitizer
-    os.system("ping " + shlex.quote(name)) # $result=OK
-
     # f-strings
     os.system(f"ping {name}") # $result=BAD
 
@@ -50,4 +46,8 @@ def indirect(flag, x):
     subprocess.Popen("ping " + name, shell=unknownValue) # OK - shell assumed to be False
 
 def intentional(command): 
-    os.system("fish -ic " + command) # $result=OK - intentional
+    os.system("fish -ic " + command) # $result=OK - intentional
+
+import shlex
+def unsafe_shell_sanitized(name): 
+    os.system("ping " + shlex.quote(name)) # $result=OK - sanitized
