Insecure Use of SQL Queries
Why is this important?
SQL injections are dangerous because they can be easily identified by attackers. Hackers can use SQL injections to read from and sometimes even write to your database. SQL injections are very common and have been the cause of many high-profile breaches.
Fixing Insecure Use of SQL Queries
Option A: Avoid using RawSQL and QuerySet.extra
- Go through the issues that GuardRails identified in the PR.
- Identify any occurrences of RawSQL() or QuerySet.extra(); both of them can lead to SQL injections and should be avoided.
- Replace the use of these APIs with normal QuerySet functionality, which is safe against SQL injections. Alternatively, if it can't be removed, pass any parameters that the user can control through params instead of formatting them into the SQL string.
- Test it
- Ship it 🚢 and relax 🌴
Option B: Use Secure Query Patterns
- Go through the issues that GuardRails identified in the PR.
- Look for code that is similar to the example below:
import MySQLdb

db = MySQLdb.connect(host="localhost",
                     user="",
                     passwd="",
                     db="")
cur = db.cursor()

# Python 2 raw_input(); this is the value the user controls
platform = raw_input('Enter language: ')

# This is the vulnerable line of code: the input is formatted straight into the SQL text
cur.execute("SELECT * FROM platforms WHERE language = '%s';" % platform)

for row in cur.fetchall():
    print (row)

db.close()
- The easiest solution is to update the code to follow the pattern below:
# The driver binds platform as a value, so it can never change the query structure
cur.execute("SELECT * FROM platforms WHERE language = %s;", (platform,))
- Test it
- Ship it 🚢 and relax 🌴
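The following is an added example, not code from the GuardRails page, that shows why Option B's parameterized pattern fixes the vulnerable line above and why Option A's advice to pass user input via params (rather than into the SQL text) matters. It uses Python's built-in sqlite3 module with a constructed in-memory "platforms" table so it runs offline; sqlite3 uses "?" placeholders where MySQLdb uses "%s". The table columns, sample rows and function names are assumptions for this demonstration. The Django calls mentioned in the comments are not executed here.

```python
import sqlite3

# Constructed sample data, not from the original page.
SAMPLE_ROWS = [
    ("python", "open"),
    ("ruby", "open"),
    ("internal-only", "restricted"),
]


def make_db():
    """Create an in-memory SQLite database with a constructed 'platforms' table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE platforms (language TEXT, visibility TEXT)")
    db.executemany("INSERT INTO platforms VALUES (?, ?)", SAMPLE_ROWS)
    db.commit()
    return db


def find_unsafe(db, platform):
    """Vulnerable pattern (mirrors the page's '%s' % platform line).

    The user-controlled value is pasted into the SQL text, so it becomes part
    of the query grammar instead of staying a plain string value."""
    cur = db.cursor()
    cur.execute("SELECT language FROM platforms WHERE language = '%s';" % platform)
    return [row[0] for row in cur.fetchall()]


def find_safe(db, platform):
    """Parameterized pattern (the page's Option B fix).

    The SQL text is fixed; the driver binds platform separately, so whatever
    the user types can only ever be compared as a string literal.
    SQLite placeholder is '?'; with MySQLdb it is '%s' with the same tuple.

    Django equivalents (assumed, not executed here): pass the value through
    params, e.g. RawSQL("... WHERE language = %s", (platform,)) or
    qs.extra(where=["language = %s"], params=[platform]); better still,
    Platform.objects.filter(language=platform), which needs no raw SQL at all."""
    cur = db.cursor()
    cur.execute("SELECT language FROM platforms WHERE language = ?;", (platform,))
    return [row[0] for row in cur.fetchall()]


def compare(platform):
    """Run both versions on the same input and return (unsafe_rows, safe_rows),
    which is the check a reviewer uses to confirm the fix actually closes the hole."""
    db = make_db()
    try:
        return find_unsafe(db, platform), find_safe(db, platform)
    finally:
        db.close()


if __name__ == "__main__":
    # Ordinary input: both variants behave the same.
    print(compare("python"))
    # Input that closes the quote and appends a tautology: the unsafe variant
    # returns every row (including the restricted one); the safe variant
    # returns nothing because no language literally equals that string.
    print(compare("' OR '1'='1"))
```

The tautology input is the standard regression check for this class of finding: after switching to the parameterized call, re-run it and confirm the restricted row no longer appears. The same check applies to Django code once RawSQL or extra() has been replaced by filter() or given a params list.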