fix: replace scope result with cursor
cfabianski committed Nov 6, 2023
1 parent 62ec3e6 commit a1939a3
Showing 1 changed file with 8 additions and 9 deletions.
17 changes: 8 additions & 9 deletions rules/go/gosec/sql/concat_sqli.yml
Expand Up @@ -12,10 +12,10 @@ patterns:
- either:
- variable: DB
detection: go_gosec_sql_concat_sqli_sql_open
scope: result
scope: cursor
- variable: DB
detection: go_gosec_sql_concat_sqli_sql_db_begin
scope: result
scope: cursor
- pattern: |
$<DB>.QueryContext($<...>$<INPUT>)
filters:
Expand All @@ -24,18 +24,17 @@ patterns:
- either:
- variable: DB
detection: go_gosec_sql_concat_sqli_sql_open
scope: result
scope: cursor
- variable: DB
detection: go_gosec_sql_concat_sqli_sql_db_begin
scope: result
scope: cursor
auxiliary:
- id: go_gosec_sql_concat_sqli_input_sprintf_sanitizer
patterns:
- pattern: fmt.Sprintf($<STRING>$<...>)
filters:
- variable: STRING
regex: (SELECT|DELETE|INSERT|UPDATE|INTO|FROM|WHERE).*%[bdoxXfFp].*
scope: result
string_regex: (SELECT|DELETE|INSERT|UPDATE|INTO|FROM|WHERE).*%[bdoxXfFp].*
- id: go_gosec_sql_concat_sqli_input_sanitizer
patterns:
- pattern: $<_>.QuoteIdentifier($<!>$<_>)
Expand All @@ -46,21 +45,21 @@ auxiliary:
filters:
- variable: INPUT
detection: go_shared_lang_dynamic_request_input
scope: result
scope: cursor
- id: go_gosec_sql_concat_sqli_sql_db_begin
patterns:
- pattern: $<SQL>.Begin()
filters:
- variable: SQL
detection: go_gosec_sql_concat_sqli_sql_open
scope: result
scope: cursor
- id: go_gosec_sql_concat_sqli_sql_open
patterns:
- pattern: $<SQL>.Open()
filters:
- variable: SQL
detection: go_gosec_sql_concat_sqli_sql_init
scope: result
scope: cursor
- id: go_gosec_sql_concat_sqli_sql_init
patterns:
- pattern: import $<!>"database/sql"
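Review bot: The `string_regex` kept on the `go_gosec_sql_concat_sqli_input_sprintf_sanitizer` pattern only requires a SQL keyword followed by one numeric verb somewhere in the format string, so a string that mixes verbs, such as `"SELECT * FROM t WHERE id = %d AND name = '%s'"` (constructed example), still matches even though `%s` can carry arbitrary text. If this auxiliary exempts the `fmt.Sprintf` result from the rule, as its name suggests (the consuming pattern is outside the visible hunks), that is a missed SQL injection finding. Consider anchoring the expression so that every verb must be numeric, for example `string_regex: ^[^%]*(SELECT|DELETE|INSERT|UPDATE|INTO|FROM|WHERE)[^%]*(%[bdoxXfFp][^%]*)+$`, and add a test case with a mixed-verb format string to pin the behaviour.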
