CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.10-dev (changelog, source)
Search

Predicate UnsafeShellCommandConstruction::executesArrayAsShell

Holds if the arguments array given to sys is joined as a string because shell is set to true.

Import path

import semmle.javascript.security.dataflow.UnsafeShellCommandConstructionCustomizations
predicate executesArrayAsShell(SystemCommandExecution sys)