hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-23 07:56:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3fcd02ab0e226f9563a302c847c4acfbec038db9
codeql/javascript/ql/src/Security/CWE-089/SqlInjection.ql

24 lines
849 B
Plaintext
Raw Blame History

/**
* @name Database query built from user-controlled sources
* @description Building a database query from user-controlled sources is vulnerable to insertion of
* malicious code by the user.
* @kind path-problem
* @problem.severity error
* @precision high
* @id js/sql-injection
* @tags security
* external/cwe/cwe-089
*/
import javascript
import semmle.javascript.security.dataflow.SqlInjection
import semmle.javascript.security.dataflow.NosqlInjection
import DataFlow::PathGraph
from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where (cfg instanceof SqlInjection::Configuration or
cfg instanceof NosqlInjection::Configuration) and
cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "This query depends on $@.",
source.getNode(), "a user-provided value"
Reference in New Issue View Git Blame Copy Permalink