# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 import logging logger = logging.getLogger(__name__) # {fact rule=log-injection@v1.0 defects=1} def logging_noncompliant(): filename = input("Enter a filename: ") # Noncompliant: unsanitized input is logged. logger.info("Processing %s", filename) # {/fact} # {fact rule=log-injection@v1.0 defects=0} def logging_compliant(): filename = input("Enter a filename: ") if filename.isalnum(): # Compliant: input is validated before logging. logger.info("Processing %s", filename) # {/fact}