Skip to content

Add unit tests for CommandInjectionGuard #38

Description

@JVBotelho

Summary

CommandInjectionGuard has no dedicated unit test file — only indirect coverage via
integration tests. Add Rasp.Core.Tests/Guard/CommandInjectionGuardTests.cs covering its
own block/audit/no-threat/no-op branches in isolation.

Background

Every *DetectionEngine has a dedicated test file; most Guard classes don't. This is one
of five identical-shaped issues — see docs/good-first-issues-dotnet.md for the full list
and the shared rationale (this is about naming concrete gaps, not chasing a coverage
percentage).

Pattern to copy

Rasp.Core.Tests/Guard/SqlSinkGuardTaintTests.csNoOpRaspMetrics fake, a real
RaspAlertBus, Options.Create(new RaspOptions {...}), NullLogger<T>.Instance.

What to test

AnalyzeProcessExecution(executablePath, arguments, useShellExecute, context)
(src/Rasp.Core/Guard/CommandInjectionGuard.cs), gated by
RaspOptions.BlockOnRuntimePatchingDetection:

  • Threat detected + audit mode: alert pushed via RaspAlertBus, no exception thrown.
  • Threat detected + block mode: RaspSecurityException thrown, alert still pushed
    before the throw.
  • No threat: no alert, no exception.
  • No-op case: empty executablePath never reaches the engine or calls _metrics.RecordInspection.

Metadata

Metadata

Assignees

No one assigned

    Labels

    .NETPull requests that update .NET codegood first issueGood for newcomershelp wantedExtra attention is needed

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions