Open ariana02880 opened 11 months ago
I used Fortify_SCA 22.2.2 to scan vscode-csharp 1.23.11
Sink Location: src/features/processPicker.ts:504 Code Snippet: // Execute the process with proper command and arguments execFile(command, args, { cwd: workingDirectory, maxBuffer: 500 * 1024 }, (error: Error | null, stdout: string, stderr: string) => { if (error) { reject(error);
@ariana02880 Can you explain what the concern is? I am guessing the code that you are referencing is here: processPicker.ts#L654.
Environment data
I used Fortify_SCA 22.2.2 to scan vscode-csharp 1.23.11
Scan results
Sink Location: src/features/processPicker.ts:504 Code Snippet: // Execute the process with proper command and arguments execFile(command, args, { cwd: workingDirectory, maxBuffer: 500 * 1024 }, (error: Error | null, stdout: string, stderr: string) => { if (error) { reject(error);