Improve taint analysis to avoid SQL Injection detected when StringBuilder is used #14
Comments
For the moment, the detection of injection was based on code from the FindBugs core plugin.
…the use of StringBuilder/StringBuffer. #14 For the moment, the false positives are marked at priority Low instead of High (the regular priority for Injection vulnerabilities). Added the capability to test the priority set by detectors. (BugInstanceMatcher)
The initial code sample with StringBuilder is now supported. Even much more advanced flow analysis is done in 1.4.2.
I'm still getting false positives from SQL_INJECTION_HIBERNATE when assembling a constant string:
and then passing it to Hibernate Session
Fields are a different beast. Unless the type is primitive, I think it is worth supporting.
Hi,
As soon as I see a StringBuilder in JPA EntityManager.createQuery(), an SQL injection is detected:
Is it possible to improve the detector by checking that no input parameter (method parameter or attribute) has been added to the StringBuilder?
In the code I'm trying to verify, there are a lot of where clauses added if a parameter is not null (and the developer uses the setParameter() method).
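The two situations discussed in this thread, the constant-only StringBuilder passed to Hibernate/JPA that should not be reported, and the builder that receives a method parameter and should still be reported, side by side. This is an added illustration, not code from the issue reporters or from the find-sec-bugs project; it assumes a hypothetical JPA entity `Account` with `owner` and `status` fields and a caller-supplied `EntityManager`.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;

// Added example (not from the issue or the project). "Account" is a
// hypothetical JPA entity with String fields "owner" and "status".
public class AccountRepository {

    private final EntityManager em;

    public AccountRepository(EntityManager em) {
        this.em = em;
    }

    /**
     * Should NOT be reported: every append() argument is a compile-time
     * constant, so the query structure is fixed at build time. The optional
     * where clauses are added only when a filter is present, and the caller
     * supplied values reach the database exclusively through setParameter(),
     * where the JPA provider binds them as data, never as query text.
     */
    public List<Account> findSafe(String owner, String status) {
        StringBuilder jpql = new StringBuilder("select a from Account a where 1 = 1");
        Map<String, Object> params = new LinkedHashMap<>();

        if (owner != null) {
            jpql.append(" and a.owner = :owner");   // constant fragment
            params.put("owner", owner);              // value bound, not concatenated
        }
        if (status != null) {
            jpql.append(" and a.status = :status"); // constant fragment
            params.put("status", status);
        }

        TypedQuery<Account> q = em.createQuery(jpql.toString(), Account.class);
        params.forEach(q::setParameter);
        return q.getResultList();
    }

    /**
     * SHOULD be reported: the method parameter "owner" itself flows into
     * append(), so a value such as  x' or '1'='1  rewrites the query.
     * A taint-aware detector distinguishes this from findSafe() by tracking
     * whether any tainted source (parameter, field) reaches the builder.
     */
    public List<Account> findUnsafe(String owner) {
        StringBuilder jpql = new StringBuilder("select a from Account a where a.owner = '");
        jpql.append(owner).append("'");            // tainted data becomes query text
        return em.createQuery(jpql.toString(), Account.class).getResultList();
    }
}
```

The distinction a detector has to make is not "was a StringBuilder used" but "did a tainted value reach append()". In `findSafe()` the builder only ever sees string literals, and the conditional `if` branches change which constant fragments are present, not their content, so every reachable query text is one of a finite set of constants; `findUnsafe()` is the case where the warning is correct.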