From c6f87110d95b605fd574d27de0db30fe9166e8d5 Mon Sep 17 00:00:00 2001
From: "aikido-autofix[bot]" <119856028+aikido-autofix[bot]@users.noreply.github.com>
Date: Wed, 27 Aug 2025 19:25:32 +0000
Subject: [PATCH] fix(security): autofix Possible command injection via Process.Start
---
Command Injection/OSI.cs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Command Injection/OSI.cs b/Command Injection/OSI.cs
index 15da3434..265b3b69 100644
--- a/Command Injection/OSI.cs
+++ b/Command Injection/OSI.cs
@@ -13,7 +13,7 @@ public class OsInjection : ControllerBase
 public string os(string binFile)
 {
 Process p = new Process();
- p.StartInfo.FileName = binFile; // Noncompliant
+ p.StartInfo.FileName = Path.GetFullPath(Path.Combine(AppContext.BaseDirectory, "allowed_binaries", Path.GetFileName(binFile)));
 p.StartInfo.RedirectStandardOutput = true;
 p.Start();
 string output = p.StandardOutput.ReadToEnd();
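Review bot: The new `FileName` assignment still lets the request parameter choose which program runs: `Path.GetFileName(binFile)` removes directory components, but any file that happens to sit in `allowed_binaries` is accepted, and nothing checks the name against a fixed list. A null `binFile` makes `Path.Combine` throw, and an empty name or one ending in a separator resolves to the directory itself, so `p.Start()` fails with an unhandled exception instead of a clean rejection. I would validate before building the path, e.g. `var name = Path.GetFileName(binFile);` followed by `if (string.IsNullOrEmpty(name) || !AllowedBinaries.Contains(name)) return "binary not allowed";`, where `AllowedBinaries` is a new static set of permitted file names (not present in the file as shown), and set `p.StartInfo.UseShellExecute = false;` explicitly. The body of `os` continues past the hunk, so process disposal and how `output` is returned cannot be judged from here.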