GitHub-Mirror/PowerShell
1
0
Fork 0
mirror of https://github.com/PowerShell/PowerShell synced 2025-10-06 00:22:59 +02:00
Code Issues Releases Wiki Activity

Add CodeQL suppresion for NativeCommandProcessor (#26145)

Browse Source
This commit is contained in:
Anam Navied
2025-10-03 17:48:30 -04:00
committed by GitHub
parent d5267d2ee6
commit be0542b193
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/System.Management.Automation/engine/NativeCommandProcessor.cs
View File

@@ -1677,6 +1677,7 @@ namespace System.Management.Automation
{ {
using (ParameterBinderBase.bindingTracer.TraceScope("BIND argument [{0}]", NativeParameterBinderController.Arguments)) using (ParameterBinderBase.bindingTracer.TraceScope("BIND argument [{0}]", NativeParameterBinderController.Arguments))
{ {
// codeql[cs/microsoft/command-line-injection ] - This is intended PowerShell behavior as NativeParameterBinderController.Arguments is what the native parameter binder generates based on the user input when invoking the command and cannot be injected externally.
startInfo.Arguments = NativeParameterBinderController.Arguments; startInfo.Arguments = NativeParameterBinderController.Arguments;
} }
} }