Introduced protections against system command injection

2lambda123 · May 4, 2024 · f010507 · f010507
1 parent 550b7c9
commit f010507
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/build-tools/reaper/src/main/java/org/elasticsearch/gradle/reaper/Reaper.java b/build-tools/reaper/src/main/java/org/elasticsearch/gradle/reaper/Reaper.java
@@ -8,6 +8,7 @@
 
 package org.elasticsearch.gradle.reaper;
 
+import io.github.pixee.security.SystemCommand;
 import java.io.Closeable;
 import java.io.IOException;
 import java.io.UncheckedIOException;
@@ -68,7 +69,7 @@ private void reap() {
                 String line = Files.readString(inputFile);
                 System.out.println("Running command: " + line);
                 String[] command = line.split(" ");
-                Process process = Runtime.getRuntime().exec(command);
+                Process process = SystemCommand.runCommand(Runtime.getRuntime(), command);
                 int ret = process.waitFor();
 
                 System.out.print("Stdout: ");