mirror of
https://github.com/hohn/sarif-cli.git
synced 2025-12-16 17:23:03 +01:00
wip: remove extraneous slash
committed by
=Michael Hohn
parent
7d4e5026a9
commit
f1a70dd023
219
data/codeql-dataflow-sql-injection/sqlidb-1.sarif
Normal file
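--- /dev/null
+++ b/data/codeql-dataflow-sql-injection/sqlidb-1.sarif
@@ -0,0 +1,219 @@
+{
+"$schema" : "https://json.schemastore.org/sarif-2.1.0.json",
+"version" : "2.1.0",
+"runs" : [ {
+"tool" : {
+"driver" : {
+"name" : "CodeQL",
+"organization" : "GitHub",
+"semanticVersion" : "2.9.4",
+"rules" : [ {
+"id" : "cpp/SQLIVulnerable",
+"name" : "cpp/SQLIVulnerable",
+"shortDescription" : {
+"text" : "SQLI Vulnerability"
+},
+"fullDescription" : {
+"text" : "Using untrusted strings in a sql query allows sql injection attacks."
+},
+"defaultConfiguration" : {
+"enabled" : true,
+"level" : "warning"
+},
+"properties" : {
+"description" : "Using untrusted strings in a sql query allows sql injection attacks.",
+"id" : "cpp/SQLIVulnerable",
+"kind" : "path-problem",
+"name" : "SQLI Vulnerability",
+"problem.severity" : "warning"
+}
+} ]
+},
+"extensions" : [ {
+"name" : "legacy-upgrades",
+"semanticVersion" : "0.0.0",
+"locations" : [ {
+"uri" : "file:///Users/hohn/.local/share/gh/extensions/gh-codeql/dist/release/v2.9.4/legacy-upgrades/",
+"description" : {
+"text" : "The QL pack root directory."
+}
+}, {
+"uri" : "file:///Users/hohn/.local/share/gh/extensions/gh-codeql/dist/release/v2.9.4/legacy-upgrades/qlpack.yml",
+"description" : {
+"text" : "The QL pack definition file."
+}
+} ]
+}, {
+"name" : "sample/cpp-sql-injection",
+"semanticVersion" : "0.0.1",
+"locations" : [ {
+"uri" : "file:///Users/hohn/local/sarif-cli/data/codeql-dataflow-sql-injection/",
+"description" : {
+"text" : "The QL pack root directory."
+}
+}, {
+"uri" : "file:///Users/hohn/local/sarif-cli/data/codeql-dataflow-sql-injection/qlpack.yml",
+"description" : {
+"text" : "The QL pack definition file."
+}
+} ]
+} ]
+},
+"artifacts" : [ {
+"location" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+}
+} ],
+"results" : [ {
+"ruleId" : "cpp/SQLIVulnerable",
+"ruleIndex" : 0,
+"rule" : {
+"id" : "cpp/SQLIVulnerable",
+"index" : 0
+},
+"message" : {
+"text" : "Possible SQL injection"
+},
+"locations" : [ {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 84,
+"startColumn" : 27,
+"endColumn" : 32
+}
+}
+} ],
+"partialFingerprints" : {
+"primaryLocationLineHash" : "9a8bc91bbc363391:1",
+"primaryLocationStartColumnFingerprint" : "22"
+},
+"codeFlows" : [ {
+"threadFlows" : [ {
+"locations" : [ {
+"location" : {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 52,
+"startColumn" : 32,
+"endColumn" : 35
+}
+},
+"message" : {
+"text" : "ref arg buf"
+}
+}
+}, {
+"location" : {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 60,
+"startColumn" : 12,
+"endColumn" : 15
+}
+},
+"message" : {
+"text" : "buf"
+}
+}
+}, {
+"location" : {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 93,
+"startColumn" : 12,
+"endColumn" : 25
+}
+},
+"message" : {
+"text" : "call to get_user_info"
+}
+}
+}, {
+"location" : {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 95,
+"startColumn" : 20,
+"endColumn" : 24
+}
+},
+"message" : {
+"text" : "info"
+}
+}
+}, {
+"location" : {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 68,
+"startColumn" : 31,
+"endColumn" : 35
+}
+},
+"message" : {
+"text" : "info"
+}
+}
+}, {
+"location" : {
+"physicalLocation" : {
+"artifactLocation" : {
+"uri" : "add-user.c",
+"uriBaseId" : "%SRCROOT%",
+"index" : 0
+},
+"region" : {
+"startLine" : 84,
+"startColumn" : 27,
+"endColumn" : 32
+}
+},
+"message" : {
+"text" : "query"
+}
+}
+} ]
+} ]
+} ]
+} ],
+"automationDetails" : {
+"id" : "mast-issue"
+},
+"columnKind" : "utf16CodeUnits",
+"properties" : {
+"semmle.formatSpecifier" : "sarif-latest"
+}
+} ]
+}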