Sobelow v0.13.0

View Source Sobelow.SQL.Query (Sobelow v0.13.0)

SQL Injection in Query

This submodule of the SQL module checks for SQL injection vulnerabilities through usage of the Ecto.Adapters.SQL.query.

Ensure that the query is parameterized and not user-controlled.

SQLi Query checks can be ignored with the following command:

$ mix sobelow -i SQL.Query

Link to this section Summary

Functions

details()
id()
parse_repo_query_def(fun)
parse_sql_def(fun)
rule()
run(fun, meta_file)

Link to this section Functions

Link to this function

details()

View Source
Link to this function

id()

View Source
Link to this function

parse_repo_query_def(fun)

View Source
Link to this function

parse_sql_def(fun)

View Source
Link to this function

rule()

View Source
Link to this function

run(fun, meta_file)

View Source