Description
Query
Link to pull request with your CodeQL query:
Relevant PR: github/codeql-go#607
CVE ID(s)
List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database.
- no CVEs
Report
Describe the vulnerability. Provide any information you think will help GitHub assess the impact your query has on the open source community.
The idea of this PR is to improve default SqlInjection.ql query by adding github.com/jackc/pgx module and related.
I basically reused existing SqlInjection.ql query, and created a custom PgxSqlInjection.ql query. The CodeQL custom module with implements pgx sql argument is defined in Pgx.qll file. I think that pgx support should be implemented by extending SQL::QueryString.
When this module will be moved from experimental folder to standart library, it would automatically improve existing Sqlnjection.ql query. But for now, for a demonstration, i created a separate query which imports experimental module and repeats standart query. I also added snippet for pgx usage and qhelp.
- [x ] Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing
Result(s)
Provide at least one useful result found by your query, on some revision of a real project.
I have made a series of queries using lgtm.com.
There are findings:
https://lgtm.com/query/4453866281735326417/
- Alex-Kuz/tp-database
- averageflow/joes-warehouse
- cauli/mulungu
https://lgtm.com/query/2344985243544414322/
- fhirbase/fhirbase
- flynn/flynn
- hackfeed/remrratality
- hasura/pgdeltastream
https://lgtm.com/query/3110488658498384350/
- huvalk/tech-db-huvalk
- just1689/pg-gateway
- krok-o/krok
- mysteriumnetwork/discovery