gitlab.security_code_scan.SCS0002-1


The method identified is susceptible to injection. The input should be validated and properly escaped.


Definition

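# Semgrep rule security_code_scan.SCS0002-1: flags C# database calls whose SQL
# text is built from a non-literal expression (a SQL-injection sink).
#
# Conventions used throughout:
#   - `"..."` in a Semgrep pattern matches a plain string literal, so each
#     `pattern-not` with `"..."` in the SQL position excludes constant queries,
#     which cannot be influenced by input.
#   - `$ARG` is the metavariable bound to the SQL text; `...` absorbs any
#     trailing arguments (parameters, cancellation tokens, etc.).
rules:
  - id: security_code_scan.SCS0002-1
    patterns:
      - pattern-either:
          # ADO.NET / EF / NHibernate style: <db>.<exec-method>(sql, ...)
          - patterns:
              - metavariable-regex:
                  metavariable: $FUNC
                  regex: ^(SqlQuery|ExecuteSqlCommand|ExecuteSqlCommandAsync|ExecuteSqlRaw|ExecuteSqlRawAsync|FromSqlRaw|FromSql|GetSqlStringCommand|ExecuteDataSet|ExecuteReader|ExecuteNonQuery|ExecuteScalar|CreateSQLQuery)$
              - pattern: $DB.$FUNC($ARG, ...);
              - pattern-not: $DB.$FUNC("...", ...);

          # LINQ to SQL: DataContext.ExecuteQuery / ExecuteCommand(sql, ...)
          - patterns:
              - metavariable-regex:
                  metavariable: $FUNC
                  regex: ^(ExecuteQuery|ExecuteCommand)$
              - pattern-inside: |
                  using System.Data.Linq;
                  ...
              - pattern: (DataContext $CTX).$FUNC($ARG, ...)
              # Same literal-SQL exclusion as the other branches; a constant
              # query string is not an injection sink.
              - pattern-not: (DataContext $CTX).$FUNC("...", ...)

          # Provider command objects: construction or CommandText assignment
          - patterns:
              - metavariable-regex:
                  metavariable: $IMPL
                  regex: ^(SqlCommand|EntityCommand|OdbcCommand|OleDbCommand|SqliteCommand)$
              - pattern-either:
                  - patterns:
                      - pattern: new $IMPL($ARG, ...);
                      - pattern-not: new $IMPL("...", ...);
                  - patterns:
                      # <...$ARG...> matches any expression containing $ARG,
                      # so concatenations and interpolations are caught.
                      - pattern: ($IMPL $CMD).CommandText = <...$ARG...>;
                      - pattern-not: ($IMPL $CMD).CommandText = "...";

          # MySql.Data static helper: MySqlHelper.<method>(connection, sql, ...)
          # The first argument is the connection (string or MySqlConnection);
          # the SQL text is the second argument, so the first is left free
          # rather than required to be a literal.
          - patterns:
              - metavariable-regex:
                  metavariable: $FUNC
                  regex: ^(ExecuteDataRow|ExecuteDataRowAsync|ExecuteDataset|ExecuteDatasetAsync|ExecuteNonQuery|ExecuteNonQueryAsync|ExecuteReader|ExecuteReaderAsync|ExecuteScalar|ExecuteScalarAsync|UpdateDataSet|UpdateDataSetAsync)$
              - pattern-inside: |
                  using MySql.Data.MySqlClient;
                  ...
              - pattern: MySqlHelper.$FUNC($CONN, $ARG, ...);
              - pattern-not: MySqlHelper.$FUNC($CONN, "...", ...);

          # Cassandra driver: Session.Execute(cql, ...)
          - patterns:
              - pattern-inside: |
                  using Cassandra;
                  ...
              - pattern: (Session $SESS).Execute($ARG, ...);
              - pattern-not: (Session $SESS).Execute("...", ...);
    # `>-` folds the lines into one paragraph with no trailing newline; the
    # previous blank line inside the scalar embedded a literal line break in
    # the finding text.
    message: >-
      The method identified is susceptible to injection. The input should be
      validated and properly escaped.
    languages:
      - csharp
    severity: ERROR
    metadata:
      category: security
      cwe: "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)"
      license: MIT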