Skip to content

Commit

Permalink
Django sqli from raw (#313)
Browse files Browse the repository at this point in the history
  • Loading branch information
Prabhu Subramanian committed May 4, 2021
1 parent 4531dda commit 6ee41bd
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
3 changes: 2 additions & 1 deletion lib/pyt/vulnerability_definitions/all_sources_sinks.pyt
View file
Expand Up @@ -486,7 +486,8 @@
"read_sql(": {"unlisted_args_propagate": false, "arg_dict": {"text": 0}},
"read_sql_query(": {"unlisted_args_propagate": false, "arg_dict": {"text": 0}},
"read_sql_table(": {"unlisted_args_propagate": false, "arg_dict": {"text": 0}},
"DBSession.query(": {"unlisted_args_propagate": false, "arg_dict": {"text": 0}}
"DBSession.query(": {"unlisted_args_propagate": false, "arg_dict": {"text": 0}},
"objects.raw(": {"unlisted_args_propagate": false, "arg_dict": {"text": 0}}
},
"NoSQL": {
"client.CreateDatabase(": {},
Expand Down
3 changes: 2 additions & 1 deletion lib/pyt/vulnerability_definitions/blackbox_mapping.json
View file
Expand Up @@ -72,7 +72,8 @@
"jsonify",
"unescape",
"bind_arguments",
"import_string"
"import_string",
"objects.raw"
],
"safe_decorators": [
"user_must_be_authorized",
Expand Down

0 comments on commit 6ee41bd

Please sign in to comment.