Allow True and False and add unit test to check regression

AikidoSec · Sep 16, 2024 · dd52948 · dd52948
1 parent 7417531
commit dd52948
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/aikido_zen/vulnerabilities/code_injection/detect_code_injection_test.py b/aikido_zen/vulnerabilities/code_injection/detect_code_injection_test.py
@@ -31,3 +31,11 @@ def test_newline_and_indent_not_dangerous():
     is_not_injection("              ")
     is_not_injection("  ")
     is_not_injection("  \r\n    \n      \n  \t")
+
+
+def test_booleans_and_numbers():
+    is_not_injection("True")
+    is_not_injection("False")
+    is_not_injection("0123456")
+    is_not_injection("01234567.18234")
+    is_not_injection("False True 012345.6789")
diff --git a/aikido_zen/vulnerabilities/code_injection/token_is_possibly_dangerous.py b/aikido_zen/vulnerabilities/code_injection/token_is_possibly_dangerous.py
@@ -25,6 +25,8 @@
     ">>",
     # Regarded as safe language tokens :
     ",",
+    "True",
+    "False",
 ]
-Original file line number
+Diff line change
@@ Expand Up / @@ -25,6 +25,8 @@ @@
         ">>",
         # Regarded as safe language tokens :
         ",",
+        "True",
+        "False",
     ]
@@ Expand Down @@