
Commit 2e290d2

committed
PS: Add false positive
1 parent 42104ec commit 2e290d2


2 files changed

+6
-1
lines changed


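--- a/powershell/ql/test/query-tests/security/cwe-089/SqlInjection.expected
+++ b/powershell/ql/test/query-tests/security/cwe-089/SqlInjection.expected
@@ -4,6 +4,7 @@ edges
 | test.ps1:1:1:1:10 | userinput | test.ps1:17:24:17:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | provenance | |
 | test.ps1:1:1:1:10 | userinput | test.ps1:28:24:28:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | provenance | |
 | test.ps1:1:1:1:10 | userinput | test.ps1:78:13:78:22 | userinput | provenance | |
+| test.ps1:1:1:1:10 | userinput | test.ps1:114:76:114:85 | userinput | provenance | |
 | test.ps1:1:14:1:45 | Call to read-host | test.ps1:1:1:1:10 | userinput | provenance | Src:MaD:0 |
 | test.ps1:4:1:4:6 | query | test.ps1:5:72:5:77 | query | provenance | |
 | test.ps1:8:1:8:6 | query | test.ps1:9:72:9:77 | query | provenance | |
@@ -23,10 +24,12 @@ nodes
 | test.ps1:72:15:79:1 | ${...} [element Query] | semmle.label | ${...} [element Query] |
 | test.ps1:78:13:78:22 | userinput | semmle.label | userinput |
 | test.ps1:81:15:81:25 | QueryConn2 | semmle.label | QueryConn2 |
+| test.ps1:114:76:114:85 | userinput | semmle.label | userinput |
 subpaths
 #select
 | test.ps1:5:72:5:77 | query | test.ps1:1:14:1:45 | Call to read-host | test.ps1:5:72:5:77 | query | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
 | test.ps1:9:72:9:77 | query | test.ps1:1:14:1:45 | Call to read-host | test.ps1:9:72:9:77 | query | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
 | test.ps1:17:24:17:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | test.ps1:1:14:1:45 | Call to read-host | test.ps1:17:24:17:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
 | test.ps1:28:24:28:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | test.ps1:1:14:1:45 | Call to read-host | test.ps1:28:24:28:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
 | test.ps1:81:15:81:25 | QueryConn2 | test.ps1:1:14:1:45 | Call to read-host | test.ps1:81:15:81:25 | QueryConn2 | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
+| test.ps1:114:76:114:85 | userinput | test.ps1:1:14:1:45 | Call to read-host | test.ps1:114:76:114:85 | userinput | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |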

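--- a/powershell/ql/test/query-tests/security/cwe-089/test.ps1
+++ b/powershell/ql/test/query-tests/security/cwe-089/test.ps1
@@ -109,4 +109,6 @@ function TakesTypedParameters([int]$i, [long]$l, [float]$f, [double]$d, [decimal
 TakesTypedParameters $userinput $userinput $userinput $userinput $userinput $userinput $userinput $userinput
 
 $query = "SELECT * FROM MyTable WHERE MyColumn = '$userinput'"
-Invoke-Sqlcmd -unknown $userinput -ServerInstance "MyServer" -Database "MyDatabase" -q "SELECT * FROM MyTable" # GOOD
+Invoke-Sqlcmd -unknown $userinput -ServerInstance "MyServer" -Database "MyDatabase" -q "SELECT * FROM MyTable" # GOOD
+
+Invoke-Sqlcmd -ServerInstance "MyServer" -Database "MyDatabase" -InputFile $userinput # GOOD [FALSE POSITIVE] # this is not really what this query is about.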
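Review bot: The annotation on the added line 114 would be more useful to the next person tuning this query if it said why the result is a false positive: `-InputFile` takes a file path rather than query text, so tainted `$userinput` here is a path/file-read concern, not SQL injection, and that is presumably why the SqlInjection.expected hunk now records a #select row for test.ps1:114:76:114:85. A single comment would read better than the two `#` fragments, e.g. `# GOOD [FALSE POSITIVE]: -InputFile is a file path, not query text; any taint here is a path-injection concern, not SQL injection`. The removed and re-added line 112 are textually identical on this page and the old hunk ends at line 112, so that change looks like a trailing-whitespace or end-of-file newline fix; worth confirming it is intentional rather than an editor side effect.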
