8bbfe4d2d2
- Add RateLimitConfig for configuration management with YAML binding support. - Introduce RateLimitDecision to encapsulate the result of rate limit checks. - Implement RateLimitMetrics for OpenTelemetry metrics tracking. - Create RateLimitMiddleware for enforcing rate limits on incoming requests. - Develop RateLimitService to orchestrate instance and environment rate limit checks. - Add RateLimitServiceCollectionExtensions for dependency injection registration.
26 lines
592 B
C
26 lines
592 B
C
// gt-0003: Three-hop call chain with command injection
|
|
// Expected: REACHABLE (tier: executed)
|
|
// Vulnerability: CWE-78 (OS Command Injection)
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
|
|
void execute_command(const char *cmd) {
|
|
// Vulnerable: system call with user input
|
|
system(cmd); // SINK: CWE-78
|
|
}
|
|
|
|
void process_input(const char *input) {
|
|
char command[256];
|
|
snprintf(command, sizeof(command), "echo %s", input);
|
|
execute_command(command);
|
|
}
|
|
|
|
int main(int argc, char *argv[]) {
|
|
if (argc > 1) {
|
|
process_input(argv[1]);
|
|
}
|
|
return 0;
|
|
}
|