From 987ee493e6a1fcf7e5e9be6002432ca9c776fc06 Mon Sep 17 00:00:00 2001
From: Dave Wichers <dwichers@gmail.com>
Date: Tue, 3 Feb 2026 16:54:51 -0500
Subject: [PATCH] Potential fix for code scanning alert no. 3: Uncontrolled
 command line

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/main/java/org/owasp/benchmark/testcode/Benchmark00176.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/owasp/benchmark/testcode/Benchmark00176.java b/src/main/java/org/owasp/benchmark/testcode/Benchmark00176.java
index 17ec195..37ff89b 100644
--- a/src/main/java/org/owasp/benchmark/testcode/Benchmark00176.java
+++ b/src/main/java/org/owasp/benchmark/testcode/Benchmark00176.java
@@ -61,7 +61,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
 
         try {
             Process p =
-                    r.exec(cmd + bar, argsEnv, new java.io.File(System.getProperty("user.dir")));
+                    r.exec(cmd, argsEnv, new java.io.File(System.getProperty("user.dir")));
             org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
         } catch (IOException e) {
             System.out.println("Problem executing cmdi - Case");