hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
471318369b4fee5c66239a5f33c91d9410df8f76
codeql/python/ql/test/query-tests/Security/CWE-089
History
Rasmus Wriedt Larsen 471318369b Python: Don't quote %s in django example 
This is vulnerable to SQL injection because of the quotes around %s -- added
some code that highlights this in test.py

Since our examples did this in the safe query, I ended up rewriting them
completely, causing a lot of trouble for myself :D
2019-10-29 13:58:07 +01:00
..
options
QL tests for Python queries and libraries.
2018-11-19 15:15:54 +00:00
sql_injection.py
Python: Don't quote %s in django example
2019-10-29 13:58:07 +01:00
SqlInjection.expected
Python: Don't quote %s in django example
2019-10-29 13:58:07 +01:00
SqlInjection.qlref
QL tests for Python queries and libraries.
2018-11-19 15:15:54 +00:00