lib/brakeman/checks/check_execute.rb in brakeman-lib-3.3.2 vs lib/brakeman/checks/check_execute.rb in brakeman-lib-3.3.3
- old
+ new
@@ -51,12 +51,11 @@
failure = include_user_input?(first_arg) || dangerous_interp?(first_arg)
else
failure = include_user_input?(args) || dangerous_interp?(args)
end
- if failure and not duplicate? result
- add_result result
+ if failure and original? result
if failure.type == :interp #Not from user input
confidence = CONFIDENCE[:med]
else
confidence = CONFIDENCE[:high]
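Review bot: In the new condition `if failure and original? result`, the right-hand operand looks like a predicate but probably has a side effect. The removed `add_result result` has no replacement in this hunk, so `original?` (defined outside this diff) presumably records the result itself. If so, the operand order is load-bearing: evaluated first, or hoisted into a local, it would mark calls as seen even when `failure` is nil, and a later real command-injection finding on the same call could be dropped as a duplicate. I would add a comment above the line, `# original? also records the result; keep it after the failure test`. The same applies to `return unless original? result` in process_backticks in the second hunk. The enclosing method starts and ends outside this hunk.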
@@ -105,12 +104,10 @@
end
end
#Processes backticks.
def process_backticks result
- return if duplicate? result
-
- add_result result
+ return unless original? result
exp = result[:call]
if input = include_user_input?(exp)
confidence = CONFIDENCE[:high]
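Review bot: `return unless original? result` is now the only gate deciding whether a backtick call is examined, and nothing in this diff shows what `original?` rejects beyond what `duplicate?` did. If it filters on more than that, backtick warnings reported by 3.3.2 would disappear without any signal, which for a command-injection check is a false negative worth guarding against. A test asserting that an interpolated backtick call still produces exactly one warning, with the expected confidence, would pin the behaviour down. process_backticks continues past the end of this hunk.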