mirror of
https://github.com/hohn/codeql-lab.git
synced 2025-12-16 18:03:08 +01:00
16 lines
400 B
Plaintext
16 lines
400 B
Plaintext
/**
|
|
* @name SQLI Vulnerability
|
|
* @description Using untrusted strings in a sql query allows sql injection attacks.
|
|
* @ kind path-problem
|
|
* @id cpp/sqlivulnerable
|
|
* @problem.severity warning
|
|
*/
|
|
|
|
import cpp
|
|
// import semmle.code.cpp.dataflow.new.TaintTracking
|
|
|
|
|
|
from FunctionCall exec
|
|
where exec.getTarget().getName().matches("%snprintf%")
|
|
select exec, exec.getTarget().getName(), exec.getAnArgument()
|