Improper Neutralization of Wildcards or Matching Symbols
Description
Detected use of a wildcard character in a system call that spawns a shell (for example `os.system`, or `subprocess` with `shell=True`). The shell expands the wildcard into one argument per matching file name, so the final command line depends on whatever happens to be in the working directory. A file whose name begins with `-`, such as `-e sh script.sh`, is handed to the program as if it were an option and can change what the command does. Consider expanding the wildcard in Python with the `glob` module and passing the results to the system call as an argument list, or, if the command is static, hardcoding it instead of using a wildcard.
Examples
Insecure Code
```python
import subprocess

# The string form with shell=True hands the command to /bin/sh, which
# expands * into whatever file names are present in the working directory.
subprocess.Popen("rm -rf *", shell=True)
```
Secure Code
```python
import glob
import subprocess

# Expand the wildcard in Python and pass each name as its own argv element;
# no shell runs, so nothing is re-expanded.
files = glob.glob('*.csv')
for file in files:
    subprocess.run(['process_data', file])
```
Remediation
Expand the wildcard with the `glob` module and pass the matches to `subprocess` as an argument list rather than as a shell string, or hardcode the command if it is static. Note that a matched file whose name begins with `-` is still delivered to the program as an argument, so prefix such names with `./` (or put `--` before the file list where the program supports it) to keep them from being parsed as options.
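The following is an added, runnable illustration of the difference between the two forms above; it is not code from the rule page. It builds a temporary directory with assumed file names (`a.csv`, `b.csv`, `-rf`, `--help`), shows the argument vector a shell would hand to `rm -rf *` when such names exist, and contrasts it with a `glob`-based argument list that also defuses option-like names with `--` and a `./` prefix. Python's `glob` stands in for the shell's own expansion so the script runs without `/bin/sh`; the child process is the current interpreter echoing its `sys.argv`, so the list form can be checked end to end.

```python
import glob
import json
import os
import subprocess
import sys
import tempfile

# Constructed sample directory (assumed file names, not from the rule page):
# two ordinary data files and two names that look like command-line options.
SAMPLE_NAMES = ["a.csv", "b.csv", "-rf", "--help"]


def make_sample_dir():
    """Create a temporary directory populated with SAMPLE_NAMES and return its path."""
    d = tempfile.mkdtemp()
    for name in SAMPLE_NAMES:
        open(os.path.join(d, name), "w").close()
    return d


def _expand(pattern, cwd):
    """Expand pattern inside cwd and return the bare file names in C-locale order."""
    matches = glob.glob(os.path.join(glob.escape(cwd), pattern))
    return sorted(os.path.basename(p) for p in matches)


def shell_style_argv(command, cwd):
    """Approximate the argv that `sh -c "<command> *"` would build: every
    non-hidden entry in cwd becomes its own argument, so a file called -rf
    or --help is indistinguishable from an option. Python's glob stands in
    for the shell here so the demo runs without /bin/sh."""
    return list(command) + _expand("*", cwd)


def safe_argv(command, pattern, cwd):
    """Expand the pattern in Python and neutralise option-like names:
    '--' ends option parsing for programs that honour it, and the ./ prefix
    guarantees no element starts with '-' even if the program does not."""
    return list(command) + ["--"] + ["./" + name for name in _expand(pattern, cwd)]


def run_listed(pattern, cwd):
    """Run a child with the list form of subprocess.run (no shell) and return
    the argv it actually received. The child is the current interpreter
    echoing sys.argv as JSON, so this works on any platform."""
    echo = [sys.executable, "-c", "import json, sys; print(json.dumps(sys.argv[1:]))"]
    argv = safe_argv(echo, pattern, cwd)
    out = subprocess.run(argv, cwd=cwd, capture_output=True, text=True, check=True).stdout
    return json.loads(out)


if __name__ == "__main__":
    d = make_sample_dir()
    print("shell would run :", shell_style_argv(["rm", "-rf"], d))
    print("glob + argv list:", safe_argv(["process_data"], "*.csv", d))
    print("child received  :", run_listed("*", d))
```

With the hostile names present, `shell_style_argv` shows `rm` receiving `--help` and `-rf` as extra operands, exactly the situation the rule warns about; `safe_argv` never lets an element start with `-`, and `run_listed` confirms that the list form delivers each name literally without a second round of expansion.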
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0146 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-155 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | injection, wildcard |
| OWASP | A1:2017-Injection, A03:2021-Injection |