Only match databases for audit rule

semgrep · May 12, 2023 · 3748d60 · 3748d60
1 parent ab4e1a8
commit 3748d60
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/go/lang/security/audit/database/string-formatted-query.go b/go/lang/security/audit/database/string-formatted-query.go
@@ -18,6 +18,9 @@ func dbExec(r *http.Request) {
 	query := "SELECT number, expireDate, cvv FROM creditcards WHERE customerId = " + customerId
 
 	row, _ := db.Exec(query)
+
+	// ok: string-formatted-query
+	out, err := sshClient.Exec(fmt.Sprintf("sudo bash %s", scriptPath))
 }
 
 func okDbExec(r *http.Request) {

diff --git a/go/lang/security/audit/database/string-formatted-query.yaml b/go/lang/security/audit/database/string-formatted-query.yaml
@@ -26,6 +26,9 @@ rules:
     likelihood: LOW
     impact: HIGH
   patterns:
+  - metavariable-regex:
+        metavariable: $OBJ
+        regex: (?i).*(db|database)
   - pattern-not-inside: |
       $VAR = "..." + "..."
       ...