hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.21.4
codeql/java/ql/test/query-tests/security/CWE-089/semmle/examples/Mongo.java
Porcupiney Hairs 441825919c Java : add MongoDB injection sinks
2020-08-31 02:24:23 +05:30

25 lines
828 B
Java
Raw Permalink Blame History

import com.mongodb.MongoClient;
import com.mongodb.DBObject;
import com.mongodb.util.*;
import com.mongodb.ServerAddress;
import com.mongodb.DBCollection;
import com.mongodb.DBCursor;
import com.mongodb.*;
public class Mongo {
public static void main(String[] args) {
MongoClient mongoClient = new MongoClient(new ServerAddress("localhost", 27017));
DB db = mongoClient.getDB("mydb");
DBCollection collection = db.getCollection("test");
String name = args[1];
String stringQuery = "{ 'name' : '" + name + "'}";
DBObject databaseQuery = (DBObject) JSON.parse(stringQuery);
DBCursor result = collection.find(databaseQuery);
String json = args[1];
BasicDBObject bdb = BasicDBObject.parse(json);
DBCursor result2 = collection.find(bdb);
}
}
Reference in New Issue View Git Blame Copy Permalink