Patched main.py

patched.codes[bot] · patched.codes[bot] · commit ca262929215d · 2025-06-17T04:11:36.000Z
diff --git a/main.py b/main.py
@@ -18,9 +18,29 @@ def func_calls():
     prep = req.prepare()
     session.rebuild_proxies(prep, proxies)
 
-    # Introduce a command injection vulnerability
-    user_input = input("Enter a command to execute: ")
-    command = "ping " + user_input
-    subprocess.call(command, shell=True)
-
-    print("Command executed!")
+    # Execute ping command securely
+    try:
+        user_input = input("Enter a hostname to ping: ").strip()
+        
+        # Basic hostname validation
+        if not user_input or ' ' in user_input or ';' in user_input or '&' in user_input or '|' in user_input:
+            print("Error: Invalid hostname. Please provide a valid hostname without special characters.")
+            exit(1)
+            
+        # Use subprocess.run with argument list and shell=False
+        result = subprocess.run(['ping', user_input], 
+                              shell=False, 
+                              check=False, 
+                              capture_output=True,
+                              text=True)
+        
+        if result.returncode == 0:
+            print("Command executed successfully!")
+            print(result.stdout)
+        else:
+            print(f"Error executing command. Return code: {result.returncode}")
+            print(f"Error output: {result.stderr}")
+            
+    except Exception as e:
+        print(f"An error occurred: {str(e)}")
+        exit(1)
