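# Inspect one command-execution call (`system`, `exec`, `IO.popen`, backticks,
# etc.) and emit a "Command Injection" warning when the command string is
# built from user input or from interpolation of untrusted values.
#
# result - Hash with the matched call under :call (a Brakeman call Sexp).
#
# Returns nothing; reports via `warn` when a problem is found.
def process_result result
  call = result[:call]
  args = call.arglist
  first_arg = call.first_arg

  case call.method
  when :popen
    # IO.popen(["cmd", arg, ...]) hands argv to the process directly with no
    # shell involved, so the array form is not injectable. Only the string
    # form (which may go through a shell) needs to be checked.
    unless array? first_arg
      failure = include_user_input?(args) || dangerous_interp?(args)
    end
  when :system, :exec
    # Only the command argument can reach a shell; any further arguments are
    # passed as argv, not parsed by a shell. Kernel#system / Kernel#exec also
    # accept an optional environment Hash as the *first* argument, in which
    # case the command is the second argument, so inspect that instead of
    # the hash (previously a hash first arg hid the real command from the
    # check).
    cmd = hash?(first_arg) ? call.second_arg : first_arg
    failure = include_user_input?(cmd) || dangerous_interp?(cmd)
  else
    # Backticks, %x{}, Open3 helpers etc.: every argument is shell text.
    failure = include_user_input?(args) || dangerous_interp?(args)
  end

  # `original?` suppresses duplicate reports for the same call site.
  return unless failure && original?(result)

  # Interpolation of a non-user value is a weaker signal than direct user
  # input in the command, so it is reported with lower confidence.
  confidence = failure.type == :interp ? :medium : :high

  warn :result => result,
    :warning_type => "Command Injection",
    :warning_code => :command_injection,
    :message => "Possible command injection",
    :code => call,
    :user_input => failure,
    :confidence => confidence
end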