hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ginsbach/OverlayLocalJava
codeql/javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/test.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

10 lines
313 B
JavaScript
Raw Permalink Blame History

const mysql = require('mysql');
const pool = mysql.createPool(getConfig());
let temp = process.env['foo']; // $ Source
pool.getConnection(function(err, connection) {
connection.query({
sql: 'SELECT * FROM `books` WHERE `author` = ' + temp, // $ Alert
}, function(error, results, fields) {});
});
Reference in New Issue View Git Blame Copy Permalink