Remove println debugging statements

AikidoSec · Sep 19, 2024 · e9efffc · e9efffc
1 parent 0a8459c
commit e9efffc
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 6 deletions.
diff --git a/src/shell_injection/contains_shell_syntax.rs b/src/shell_injection/contains_shell_syntax.rs
@@ -126,7 +126,6 @@ fn create_commands_regex() -> Regex {
 // Function to check if the user input contains shell syntax given the command
 pub fn contains_shell_syntax(command: &str, user_input: &str) -> bool {
     let commands_regex = create_commands_regex();
-    println!("Regex : {}", commands_regex);
 
     if user_input.trim().is_empty() {
         // The entire user input is just whitespace, ignore
@@ -149,11 +148,9 @@ pub fn contains_shell_syntax(command: &str, user_input: &str) -> bool {
     // Check if the command contains a commonly used command
     for mat in commands_regex.captures_iter(command) {
         let matched_command = &mat[0];
-        println!("Matched command : {}", matched_command);
         // We found a command like `rm` or `/sbin/shutdown` in the command
         // Check if the command is the same as the user input
         if user_input != matched_command {
-            println!("User input not matched command, continuing");
             continue;
         }
 
@@ -173,7 +170,6 @@ pub fn contains_shell_syntax(command: &str, user_input: &str) -> bool {
             None
         };
 
-        println!("Char after : '{:?}' Char before : '{:?}'", char_after, char_before);
 
         // Check surrounding characters
         if char_before.map_or(false, |c| SEPARATORS.contains(&c.to_string().as_str())) &&

diff --git a/src/shell_injection/detect_shell_injection.rs b/src/shell_injection/detect_shell_injection.rs
@@ -17,7 +17,6 @@ pub extern "C"   fn detect_shell_injection(command: *const c_char, userinput: *c
 
     let command_str = str::from_utf8(command_bytes).unwrap();
     let userinput_str = str::from_utf8(userinput_bytes).unwrap();
-    println!("Command : {} And userinput : {}", command_str, userinput_str);
     if detect_shell_injection_stringified(command_str, userinput_str) {
         return 1;
     }

diff --git a/src/shell_injection/is_safely_encapsulated.rs b/src/shell_injection/is_safely_encapsulated.rs
@@ -22,7 +22,6 @@ pub fn is_safely_encapsulated(command: &str, user_input: &str) -> bool {
     let segments = get_current_and_next_segments(command.split(user_input).collect());
 
     for (current_segment, next_segment) in segments {
-        println!("Segemnt : {} - {}", current_segment, next_segment);
         let char_before_user_input = current_segment.chars().last();
         let char_after_user_input = next_segment.chars().next();