SonarJava / SONARJAVA-3318

S2077 should present to the user all the locations where the formatted SQL query string is used


    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.3
    • Component/s: Rules
    • Labels:

      Description

      Currently, when this issue is raised, for example here:
      https://sonarcloud.io/project/issues?id=eric-therond-sonarsource_jdk11cve&open=AW-zZlNlViky-KWudmQ0&resolved=false&sonarsourceSecurity=sql-injection&types=SECURITY_HOTSPOT

      The locations where the query string is initialized and concatenated are not indicated to the developer:

      pstmtIns = con.prepareStatement(insertCmd); // Sensitive
      

      Thus the developer is forced to manually search in the source code where the variable insertCmd in this example is initialized and concatenated.

      An improvement would be to raise a multiple-locations issue in which the initialization and the assignments that involve a formatted/dynamic query string are highlighted:

      String insertCmd = "SELECT * from table"; // Sensitive (secondary location)
      
      insertCmd = insertCmd + " WHERE column"; // Sensitive (secondary location)
      
      insertCmd = insertCmd + " = " + columnValue(md); // Sensitive (secondary location)
      
      pstmtIns = con.prepareStatement(insertCmd); // Sensitive (main location)
      
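      As an added illustration (not code from this issue or from SonarJava), the flow described above written out in Java, with the parameterized form beside it. The table and column names, the `buildQuery`/`vulnerableLookup`/`safeLookup` methods and the `hostile` input are assumptions; the original's `columnValue(md)` call is replaced by a plain method parameter. The point the secondary locations make is visible here: the reported sink, `con.prepareStatement(insertCmd)`, looks like a safe API, while the injection actually happens several lines earlier where the value is concatenated into the query text.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class S2077Example {

    // Assembly of the dynamic query, following the pattern quoted in the issue.
    // Each assignment is a place the proposed secondary locations would point at;
    // the user-controlled value enters the SQL text in the last one.
    static String buildQuery(String columnValue) {
        String insertCmd = "SELECT * FROM table1";           // secondary location
        insertCmd = insertCmd + " WHERE column1";            // secondary location
        insertCmd = insertCmd + " = '" + columnValue + "'";  // secondary location (taint enters here)
        return insertCmd;
    }

    // Main location. Using PreparedStatement gives no protection at this point:
    // the text passed in is already fully concatenated, no bind parameter is used.
    static ResultSet vulnerableLookup(Connection con, String columnValue) throws SQLException {
        String insertCmd = buildQuery(columnValue);
        PreparedStatement pstmtIns = con.prepareStatement(insertCmd); // Sensitive
        return pstmtIns.executeQuery();
    }

    // Hardened form: the SQL text is a constant and the value travels as a bind
    // parameter, so it can never change the structure of the statement.
    static ResultSet safeLookup(Connection con, String columnValue) throws SQLException {
        PreparedStatement pstmt =
                con.prepareStatement("SELECT * FROM table1 WHERE column1 = ?");
        pstmt.setString(1, columnValue);
        return pstmt.executeQuery();
    }

    public static void main(String[] args) {
        // Constructed attacker input (an assumption for the demo); no database
        // connection is needed to see how it rewrites the query text.
        String hostile = "x' OR '1'='1";
        System.out.println(buildQuery(hostile));
    }
}
```

      Running `main` shows the assembled statement with the quote closed and an `OR` clause appended, which is exactly the text `vulnerableLookup` would hand to `prepareStatement`. `safeLookup` sends the same input as a parameter value, so the database receives the unchanged statement plus a string literal.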

              People

              Assignee:
              quentin.jaquier Quentin Jaquier
              Reporter:
              eric.therond Eric Therond
              Votes:
              0
              Watchers:
              2