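---
# Semgrep taint rule (Go): flags SQL query strings built from an AWS Lambda
# handler's event parameter and passed to database/sql query/exec methods.
#
# Sources: the event argument of a handler registered with lambda.Start.
# Sinks:   the query-string argument of $DB.Exec/Query/QueryRow and their
#          *Context variants, in files that import database/sql.
rules:
  - id: database-sqli
    languages:
      - go
    message: >-
      Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled
      and not properly sanitized. In order to prevent SQL injection,
      use parameterized queries or prepared statements instead.
      You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.
    mode: taint
    metadata:
      references:
        - 'https://pkg.go.dev/database/sql#DB.Query'
      category: security
      owasp: "A1: Injection"
      cwe: "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
      technology:
        - aws-lambda
        - database
        - sql
    pattern-sinks:
      - patterns:
          # The sink is the $QUERY expression bound inside one of the calls below.
          - pattern: $QUERY
          - pattern-either:
              - pattern: $DB.Exec($QUERY,...)
              - pattern: $DB.Query($QUERY,...)
              - pattern: $DB.QueryRow($QUERY,...)
              # The *Context variants take ctx as their first argument, so the
              # query string is the second parameter; binding $QUERY to the
              # first argument would make the context the sink instead.
              # (Fixed from "ExecContent", which is not a database/sql method.)
              - pattern: $DB.ExecContext($CTX, $QUERY, ...)
              - pattern: $DB.QueryContext($CTX, $QUERY, ...)
              - pattern: $DB.QueryRowContext($CTX, $QUERY, ...)
          # Only consider files that actually use database/sql.
          - pattern-inside: |
              import "database/sql"
              ...
    pattern-sources:
      - patterns:
          - pattern-either:
              # Handler with (ctx, event, ...) signature.
              - pattern-inside: |
                  func $HANDLER($CTX $CTXTYPE, $EVENT $TYPE, ...) {...}
                  ...
                  lambda.Start($HANDLER, ...)
              # Single-argument handler: the argument is the event unless it
              # is the context.
              - patterns:
                  - pattern-inside: |
                      func $HANDLER($EVENT $TYPE) {...}
                      ...
                      lambda.Start($HANDLER, ...)
                  - pattern-not-inside: |
                      func $HANDLER($EVENT context.Context) {...}
                      ...
                      lambda.Start($HANDLER, ...)
          # The source is every use of the event parameter.
          - pattern: $EVENT
    severity: WARNING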