I’m totally new to SonarQube and I would like to leverage it to create a PHP plugin that would allow detecting RCE in code. Indeed, I have a lot of system calls in the code, and I would like to be able, for each of them, to check whether the variables injected into the system command have been sanitized properly.
I have looked at the SonarQube doc and I can’t figure out if it is possible to implement such a CustomRule. Is it possible to track a variable to see where it has been defined (is that part of the tree?), figure out if it is a user input, and check if it has been sanitized?
I would like to know if my project is possible with SonarQube.
Thank you for your help.