Closed
Description
Ran a Veracode (https://www.veracode.com) static scan of our application's Windows 32-bit binaries that use the Poco library.
Used the following compiler/linker flags, see "Compilation Instructions for C/C++ on Windows" here:
https://help.veracode.com/reader/4EKhlLSMHm5jC8P8j3XccQ/3Lu03OATx74TyUh~WCn8wQ
It found 2 very high security issues in the Poco library:
Use of Inherently Dangerous Function in: foundation/src/process_win32u.cpp line: 299
Use of Inherently Dangerous Function in: foundation/src/process_win32u.cpp line: 313
poco version: 1.7.8-all (2017-02-22)
Operating system: Windows 10 Pro
Expected: No very high security issues.