From d2d7f21e6207ab647236aa0c281d821510190831 Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Tue, 5 Mar 2024 10:35:58 +0000
Subject: [PATCH] Introduced protections against system command injection

---
 .../src/main/java/org/elasticsearch/gradle/reaper/Reaper.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/build-tools/reaper/src/main/java/org/elasticsearch/gradle/reaper/Reaper.java b/build-tools/reaper/src/main/java/org/elasticsearch/gradle/reaper/Reaper.java
index c2adaf59ead1b..2a8c0a1856384 100644
--- a/build-tools/reaper/src/main/java/org/elasticsearch/gradle/reaper/Reaper.java
+++ b/build-tools/reaper/src/main/java/org/elasticsearch/gradle/reaper/Reaper.java
@@ -8,6 +8,7 @@
 
 package org.elasticsearch.gradle.reaper;
 
+import io.github.pixee.security.SystemCommand;
 import java.io.Closeable;
 import java.io.IOException;
 import java.io.UncheckedIOException;
@@ -68,7 +69,7 @@ private void reap() {
                 String line = Files.readString(inputFile);
                 System.out.println("Running command: " + line);
                 String[] command = line.split(" ");
-                Process process = Runtime.getRuntime().exec(command);
+                Process process = SystemCommand.runCommand(Runtime.getRuntime(), command);
                 int ret = process.waitFor();
 
                 System.out.print("Stdout: ");