lib/brakeman/checks/check_execute.rb in brakeman-lib-4.4.0 vs lib/brakeman/checks/check_execute.rb in brakeman-lib-4.5.0

@@ -88,9 +88,27 @@
           :confidence => :high
       end
     end
   end
 
+  def include_user_input? exp
+    if node_type? exp, :arglist, :dstr, :evstr, :dxstr
+      exp.each_sexp do |e|
+        if res = include_user_input?(e)
+          return res
+        end
+      end
+
+      false
+    else
+      if shell_escape? exp
+        false
+      else
+        super exp
+      end
+    end
+  end
+
   def dangerous_open_arg? exp
     if string_interp? exp
       # Check for input at start of string
       exp[1] == "" and
         node_type? exp[2], :evstr and