Line Execution Checker
Warn
Audited by Socket on May 31, 2026
1 alert found:
SecuritySecurityline_checker.cpp
MEDIUMSecurityMEDIUM
line_checker.cpp
No clear evidence of overt malware (no network activity, data theft, or persistence) in the provided fragment. However, the code contains a high-impact command-injection vulnerability: it runs `system("gcov " + source_file + ... )` where `source_file` is derived from untrusted command-line input and is inserted into a shell command without sanitization/quoting. This makes the tool dangerous in untrusted or adversarial CI/workspace contexts.
Confidence: 84%Severity: 92%
Audit Metadata