hohn/codeql-dataflow-sql-injection
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection.git synced 2025-12-16 18:23:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

sql injection: source is argument to read

Browse Source
This commit is contained in:
Michael Hohn
2020-07-20 14:07:49 -07:00
committed by =Michael Hohn
parent a69c511dc1
commit 42e2c5de8b
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
SqlInjection.ql
View File

@@ -28,6 +28,7 @@ class SqliFlowConfig extends TaintTracking::Configuration {
// Source identification // Source identification
// count = read(STDIN_FILENO, buf, BUFSIZE); // count = read(STDIN_FILENO, buf, BUFSIZE);
from FunctionCall read from FunctionCall read, DataFlow::Node source
where read.getTarget().getName() = "read" where read.getTarget().getName() = "read"
select read and read.getArgument(1) = source.asExpr()
select read, source