diff --git a/Command Injection/OSI.cs b/Command Injection/OSI.cs
index 15da3434..efa07b83 100644
--- a/Command Injection/OSI.cs
+++ b/Command Injection/OSI.cs
@@ -13,7 +13,12 @@ public class OsInjection : ControllerBase
 public string os(string binFile)
 {
 Process p = new Process();
- p.StartInfo.FileName = binFile; // Noncompliant
+ string allowedPath = Path.GetFullPath(Path.Combine(AppContext.BaseDirectory, "allowed_binaries", binFile));
+ if (!allowedPath.StartsWith(Path.GetFullPath(Path.Combine(AppContext.BaseDirectory, "allowed_binaries"))))
+ throw new UnauthorizedAccessException("Access to the specified binary is not allowed.");
+ if (!File.Exists(allowedPath))
+ throw new FileNotFoundException("Binary not found.");
+ p.StartInfo.FileName = allowedPath;
 p.StartInfo.RedirectStandardOutput = true;
 p.Start();
 string output = p.StandardOutput.ReadToEnd();
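Review bot: The containment check on the added `StartsWith` line compares against the allowed directory without a trailing separator, so any sibling directory whose name merely begins with `allowed_binaries` (a canonical path such as `.../allowed_binaries_old/...`) also passes the prefix test, and the comparison is culture-sensitive because no `StringComparison` is given. Compute the allowed root once with a separator appended and compare ordinally: `string allowedDir = Path.GetFullPath(Path.Combine(AppContext.BaseDirectory, "allowed_binaries")) + Path.DirectorySeparatorChar;`, `string allowedPath = Path.GetFullPath(Path.Combine(allowedDir, binFile));`, `if (!allowedPath.StartsWith(allowedDir, StringComparison.Ordinal))`. A null `binFile` now surfaces as an `ArgumentNullException` from `Path.Combine` rather than the intended `UnauthorizedAccessException`, which is worth handling explicitly with `ArgumentNullException.ThrowIfNull(binFile);` before the path is built. The `Process` instance is still never disposed and the `os` method body continues past the end of this hunk, so the remaining cleanup could not be reviewed here.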