Questions tagged [code-injection]

Code injection is the general term for the result of a missing neutralization or improper neutralization of special elements of externally-influenced input, which could modify the syntax or behavior of the intended code.

Code injection is a type of consequence due to Improper Control of Generation of Code (CWE-94), which causes unauthorized code to be executed.

2439 questions
0 votes, 1 answer

How to fix command injection issue on Checkmarx for parse_args

I have python code that parses input parameters: parser=OptionParser() parser.add_option("-o", dest="out", default=os.getenv('Path',None), help="file path") parser.add_option("-c", dest="content", default=os.path.abspath(sys.path[0]), help="cont…
0 votes, 0 answers

CSAPP self study attack lab phase 3 doesn't work on my solution

I am currently reading the book CS:APP. I am working on the labs too which are for self study. After I got stuck at phase 3 (I don't know why) I looked up a solution which is slightly different than my approach:…
J.Doe
0 votes, 1 answer

How can I edit html inside an iframe using javascript

I am working on automating a process within my business, part of which is sending an email through SalesForce. We don't have access to the SF API and the email has to be sent through salesforce in order to keep the communication searchable for the…
ThomasW
0 votes, 1 answer

Why k8s deployment HPA doesn't calculate istio/sidecar's CPU request

I set HPA for my deployment/app, for example, CPU 80%. My app deployment has two containers: one is the app for traffic, the other is the automatically injected istio-proxy. When I get the HPA while running traffic, I found something unexpected for the HPA…
bin he
0 votes, 1 answer

\uD83D\uDCCC keeps showing up in code I've inherited. What does this unicode sequence do?

I've been reading about code injection using unicode sequences and have been using a tool from Dotnetsafer to locate sequences in a codebase I've inherited. This sequence \uD83D\uDCCC keeps coming up: An example: appears as: [588] …
The Sharp Ninja
0 votes, 1 answer

docker container part of botnet via get requests (ddos)

Hi, I got a message from my provider that my server is part of a DDoS botnet. So I investigated my Docker containers and found some corrupted containers (jitsi-meet-web (https://github.com/jitsi/docker-jitsi-meet), nextcloud…
Ted Mosby
0 votes, 0 answers

How to continuously manipulate other website data?

I have used JS injector extensions on Chrome to manipulate data on other websites (to see things the way I want them to be), but this method doesn't work on websites where the data is continuously changing. For example, let's say I open Yahoo…
0 votes, 1 answer

Python and preventing email header injections

I am currently creating a web contact form in python. My main aim is to teach myself python and I am not using a framework (just raw python). I am using python 2.5 as that is what my webhost has. Sending email seems simple in python and that is…
Monkey Code
0 votes, 1 answer

How to inject code into an arm64e process in macOS?

I've written a utility that modifies system behavior by injecting compiled code (in the form of a dylib) into the Dock using the old mach_inject method. However, mach_inject hasn't been updated in several years now and doesn't work on Apple Silicon…
Bri Bri
0 votes, 0 answers

How do I let users input their own CSS while preventing malicious code?

I'm working on an online-directory type of project where my clients (users) will have their own profile page. I want to give them the flexibility to customize their profile page via CSS and I was thinking to incorporate in the users' dashboards some…
Greg
0 votes, 1 answer

Android javascript injection, how would I call this function $(document).ready(function(){...})

I am working on some javascript injection into my Android webview. I am just not completely sure of the syntax it is looking for. I want to call this function in my html page: $(document).ready(function({...}) I have a webview and javascript interface…
CQM
0 votes, 1 answer

Announcement Bar as header SquareSpace

I want to use Squarespace's announcement bar as the header for my site. I have seen others doing this and using the div "sqs-announcement-bar" but have not been able to use code injection to make it work. Anyone know how to do this?
0 votes, 2 answers

How do I get mouse WM_MouseMove Message on SCREEN?

Now I'm working on a project which requires me to get the mouse moving message all the time. My app only has a tiny window for configuration purposes and it will not even appear on the desktop most of the time. What I need is I need to be able to…
shawhu
0 votes, 1 answer

Spring Beans: Can you add elements into an injected list?

I am quite new at Spring Beans and I'm trying to build a rest controller that implements the CRUD operations. I have a config file that has a @Bean that returns a list of Book type: @Configuration public class BookConfig { @Bean public…
Gabi
0 votes, 1 answer

CheckMarx - How to fix the Code Injection report?

Checkmarx encountered the following error: @RequestMapping(value = RequestMappings.PROVA, method=RequestMethod.POST) public ResponseEntity provaAction(@RequestBody(required = false) Object[] inputExample, HttpServletRequest…
Andrea F.