Commit dde9a9a6 authored by Mikaël Salson's avatar Mikaël Salson
Browse files

task.py: Fix potential security issue

We take care that the window provided is actually a nucleic sequence.
It prevents people from trying to inject something else
parent 4d0da3d4
Pipeline #254606 passed with stages
in 26 minutes and 19 seconds
......@@ -252,8 +252,8 @@ def run_vidjil(id_file, id_config, id_data, grep_reads,
cmd = defs.DIR_VIDJIL + '/vidjil-algo '
if grep_reads:
# TODO: security, assert grep_reads XXXX
vidjil_cmd += ' --out-clone-files --grep-reads "%s" ' % grep_reads
if re.match(r"^[acgtnACGTN]+$", grep_reads):
vidjil_cmd += ' --out-clone-files --grep-reads "%s" ' % grep_reads
os.makedirs(out_folder)
out_log = out_folder+'/'+output_filename+'.vidjil.log'
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment