# Copyright (c) 2015 Sqreen. All Rights Reserved.
# Please refer to our terms for more information: https://www.sqreen.io/terms.html

require 'sqreen/rules_callbacks/shell'

module Sqreen
  module Rules
    # Look for Shell injections in system like calls
    class SystemShellCB < ShellCB
      alias initial_pre pre
      def pre(inst, *args, &block)
        return if args.size == 0
        cmd = args[0]
        if cmd.is_a?(Hash)
          # skip optional env arguments
          return unless args.size > 1
          cmd = args[1]
        end
        # skip [cmd, argv0] arguments
        return if cmd.is_a?(Array)
        initial_pre(inst, cmd, &block)
      end
    end
  end
end