Commit 7e7f4c1
committed
security: fix remaining subprocess vulnerabilities in container_dispatcher.py
- Add validation to handle_multi() push parameter
- Use static script paths to prevent path injection
- Validate boolean type for push parameter
- Addresses remaining Semgrep subprocess security warnings
Fixes: Semgrep alert 1211 (remaining subprocess calls)1 parent 58d870f commit 7e7f4c1
1 file changed
Lines changed: 10 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
59 | 59 | | |
60 | 60 | | |
61 | 61 | | |
| 62 | + | |
| 63 | + | |
62 | 64 | | |
63 | | - | |
| 65 | + | |
64 | 66 | | |
65 | 67 | | |
66 | 68 | | |
| |||
99 | 101 | | |
100 | 102 | | |
101 | 103 | | |
102 | | - | |
| 104 | + | |
| 105 | + | |
| 106 | + | |
| 107 | + | |
| 108 | + | |
| 109 | + | |
| 110 | + | |
103 | 111 | | |
104 | 112 | | |
105 | 113 | | |
| |||
0 commit comments