Showing 28 of 30 total issues
subprocess call - check for execution of untrusted input. Open
Open
sp.check_call(["docker", "save", "-o", stream.name, image])
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
prefix = ["docker", "run",
# FIXME: The -v/-w settings are convenient for testing, but they
# should be configurable.
"-v", "{}:/tmp".format(os.getcwd()),
"-w", "/tmp",
- Exclude checks
Try, Except, Pass detected. Open
Open
except:
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
p = sp.Popen(cmd, stdin=sp.PIPE, stdout=sp.PIPE, stderr=sp.PIPE)
- Exclude checks
Starting a process with a shell, possible injection detected, security issue. Open
Open
os.system(
'{} build_{} --cmdsuite {} --manpath {} --rstpath {}'.format(
setup_py_path,
cmd,
'datalad_container:command_suite',
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
data = subprocess.run(
[command, "inspect", "--json", path],
check=True,
stdout=subprocess.PIPE).stdout.decode()
- Exclude checks
Starting a process with a partial executable path Open
Open
out = sp.check_output(
["docker", "images", "--all", "--quiet", "--no-trunc"])
- Exclude checks