gitlab.security_code_scan.SCS0002-1
The method identified is susceptible to injection. The input should be validated and properly escaped.
Definition
rules:
  - id: security_code_scan.SCS0002-1
    patterns:
      - pattern-either:
          - patterns:
              - metavariable-regex:
                  metavariable: $FUNC
                  regex: ^(SqlQuery|ExecuteSqlCommand|ExecuteSqlCommandAsync|ExecuteSqlRaw|ExecuteSqlRawAsync|FromSqlRaw|FromSql|GetSqlStringCommand|ExecuteDataSet|ExecuteReader|ExecuteNonQuery|ExecuteScalar|CreateSQLQuery)$
              - pattern: $DB.$FUNC($ARG, ...);
              - pattern-not: $DB.$FUNC("...", ...);
          - patterns:
              - metavariable-regex:
                  metavariable: $FUNC
                  regex: ^(ExecuteQuery|ExecuteCommand)$
              - pattern-inside: |
                  using System.Data.Linq;
                  ...
              - pattern: (DataContext $CTX).$FUNC($ARG, ...)
          - patterns:
              - metavariable-regex:
                  metavariable: $IMPL
                  regex: ^(SqlCommand|EntityCommand|OdbcCommand|OleDbCommand|SqliteCommand)$
              - pattern-either:
                  - patterns:
                      - pattern: new $IMPL($ARG, ...);
                      - pattern-not: new $IMPL("...", ...);
                  - patterns:
                      - pattern: ($IMPL $CMD).CommandText = <...$ARG...>;
                      - pattern-not: ($IMPL $CMD).CommandText = "...";
          - patterns:
              - metavariable-regex:
                  metavariable: $FUNC
                  regex: ^(ExecuteDataRow|ExecuteDataRowAsync|ExecuteDataset|ExecuteDatasetAsync|ExecuteNonQuery|ExecuteNonQueryAsync|ExecuteReader|ExecuteReaderAsync|ExecuteScalar|ExecuteScalarAsync|UpdateDataSet|UpdateDataSetAsync)$
              - pattern-inside: |
                  using MySql.Data.MySqlClient;
                  ...
              - pattern: MySqlHelper.$FUNC("...", $ARG, ...);
          - patterns:
              - pattern-inside: |
                  using Cassandra;
                  ...
              - pattern: (Session $SESS).Execute($ARG, ...);
              - pattern-not: (Session $SESS).Execute("...", ...);
    message: >
      The method identified is susceptible to injection. The input should be
      validated and properly
      escaped.
    languages:
      - csharp
    severity: ERROR
    metadata:
      category: security
      cwe: "CWE-89: Improper Neutralization of Special Elements used in an SQL Command
        (‘SQL Injection’)"
      license: MIT
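As an added example (not part of this rule page or of the GitLab rule set), the following C# shows code that the `new $IMPL($ARG, ...)` branch of SCS0002-1 reports beside the parameterized form it does not report. The `Users` table, the `conn` connection and the `userInput` value are constructed for illustration, and the `Microsoft.Data.SqlClient` package is assumed.

```csharp
using System.Data;
using Microsoft.Data.SqlClient;   // assumed: Microsoft.Data.SqlClient package

// Added example; Users table, conn and userInput are constructed names.
public static class UserLookup
{
    // Reported by SCS0002-1: the first argument to `new SqlCommand(...)` is not a
    // string literal (it is built by concatenation), so the pattern
    // `new $IMPL($ARG, ...)` matches and `pattern-not: new $IMPL("...", ...)`
    // does not exclude it. Whatever is in userInput becomes part of the SQL text.
    public static int CountUsersUnsafe(SqlConnection conn, string userInput)
    {
        var cmd = new SqlCommand(
            "SELECT COUNT(*) FROM Users WHERE Name = '" + userInput + "'", conn);
        return (int)cmd.ExecuteScalar();
    }

    // Not reported: the SQL text is a plain string literal, so the pattern-not
    // clause excludes it. The input travels as a typed parameter that the driver
    // sends separately from the statement, so it is never parsed as SQL.
    public static int CountUsersSafe(SqlConnection conn, string userInput)
    {
        var cmd = new SqlCommand(
            "SELECT COUNT(*) FROM Users WHERE Name = @name", conn);
        cmd.Parameters.Add("@name", SqlDbType.NVarChar, 100).Value = userInput;
        return (int)cmd.ExecuteScalar();
    }
}
```

The rule's other branches follow the same shape: a literal first argument is accepted, anything else (a concatenated or otherwise computed query string) is reported, so the fix is always to keep the statement text literal and pass input through the API's parameter mechanism.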
Short Link: https://sg.run/K1y5