The command injection vulnerability has not been fixed in the create file function.

Test 1: Command Injection Add File Vulnerability Not Fixed

Please review the Defense section of the lesson and try again.

Remember that using regular expressions to filter out dangerous OS injection syntax is hard to do correctly and not recommended. Try thinking about what native function you can use to achieve the same result.

Test 2: Command Injection Add File Vulnerability Not Fixed

Please review the Defense section of the lesson and try again.

Remember that using regular expressions to filter out dangerous OS injection syntax is hard to do correctly and not recommended. Try thinking about what native function you can use to achieve the same result.

Test 3: Command Injection Add File Vulnerability Not Fixed

Please review the Defense section of the lesson and try again.

Remember that using regular expressions to filter out dangerous OS injection syntax is hard to do correctly and not recommended. Try thinking about what native function you can use to achieve the same result.

Did this answer your question?