/**
 * @name SQLI Vulnerability
 * @description Using untrusted strings in a SQL query allows SQL injection attacks.
 *              Note: this workshop step reports only the untrusted *source*
 *              (`Console.ReadLine()` calls), not an actual source-to-SQL-sink
 *              flow, so each result is a candidate input point rather than a
 *              confirmed injection.
 * @kind problem
 * @id workshop/sqlivulnerable
 * @problem.severity warning
 */
import csharp
/*
 * 1. Identify the /source/ part of the expression
 * : Console.ReadLine()?.Trim() ?? string.Empty;
 * : read(STDIN_FILENO, buf, BUFSIZE - 1);
 * namely the =Console.ReadLine()= call: the point where an untrusted string
 * from standard input enters the program. (The second line looks like the C
 * counterpart of the same read; the C# query below handles only the first.)
 * This query covers the source alone; the SQL /sink/ and the flow from
 * source to sink are not part of it.
 */
/*
 * Report every call whose resolved target is `System.Console.ReadLine`.
 * Matching on the resolved target method (declaring type + name) rather than
 * on the spelled call text means the result does not depend on how the call
 * is written at the use site. Each result is the untrusted-input /source/
 * this step is looking for; no SQL sink or flow is checked here.
 */
from MethodCall readLineCall, Method target
where
  target = readLineCall.getTarget() and
  target.getName() = "ReadLine" and
  target.getDeclaringType().hasFullyQualifiedName("System", "Console")
select readLineCall, "Source identified: " + readLineCall.toString()