Insecure Use of SQL Queries

Why is this important?

SQL injections are dangerous because they are easy for attackers to find and exploit: any input that reaches a query as part of the SQL text is a candidate. Attackers can use them to read from and, depending on the database and the query, write to your database, and they have been the cause of many high-profile breaches.

Check out this video for a high-level explanation:

SQL Injection Explanation Video

Fixing Insecure Use of SQL Queries

Option A: Using db.Query with Parameterized Queries

  1. Go through the issues that GuardRails identified in the PR.
  2. Replace the code that uses either String Concatenation like:

     rows, err := db.Query("SELECT * FROM foo WHERE name = " + req.FormValue("name"))
    

    or Format Strings like:

     q := fmt.Sprintf("SELECT * FROM foo where name = '%s'", req.FormValue("name"))
     rows, err := db.Query(q)
    

    with a parameterized call to db.Query, so the value is sent to the database separately from the SQL text instead of being pasted into it. The placeholder syntax depends on the driver you are using:

     // MySQL (and SQLite) drivers use `?`
     rows, err := db.Query("SELECT * FROM foo WHERE name = ?", req.FormValue("name"))
     // PostgreSQL uses numbered placeholders `$1`, `$2`, ...
     rows, err := db.Query("SELECT * FROM foo WHERE name = $1", req.FormValue("name"))
     // Oracle drivers use named placeholders `:name`; bind them with sql.Named
     rows, err := db.Query("SELECT * FROM foo WHERE name = :name", sql.Named("name", req.FormValue("name")))
     // In every case: check err, then `defer rows.Close()`
    
  3. Test it, including inputs that contain quotes (for example `O'Brien` or `' OR '1'='1`): with placeholders they are handled as plain data, not as SQL.

  4. Ship it 🚢 and relax 🌴
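As an added end-to-end illustration (example code, not GuardRails' code and not any real database driver), the Go program below plugs a stub driver into database/sql so you can see exactly what reaches the database. With string concatenation the injected quote rewrites the statement; with a placeholder the SQL text stays constant and the value arrives as a separate bound argument. The `recorder` driver, the `foo` table and the `' OR '1'='1` input are all constructed for this example; the `$1` placeholder is PostgreSQL syntax and the stub accepts any text.

```go
package main

import (
	"database/sql"
	"database/sql/driver"
	"errors"
	"fmt"
	"io"
)

// recorder is a stub database/sql driver (constructed for this example) that
// records what database/sql hands it: the SQL text and, separately, the bound
// argument values. It never executes anything and returns no rows.
type recorder struct {
	lastQuery string
	lastArgs  []driver.Value
}

var rec = &recorder{}

func init() { sql.Register("recorder", rec) }

func (r *recorder) Open(name string) (driver.Conn, error) { return &conn{r: r}, nil }

type conn struct{ r *recorder }

func (c *conn) Prepare(query string) (driver.Stmt, error) {
	return &stmt{r: c.r, query: query}, nil
}
func (c *conn) Close() error              { return nil }
func (c *conn) Begin() (driver.Tx, error) { return nil, errors.New("not supported") }

type stmt struct {
	r     *recorder
	query string
}

func (s *stmt) Close() error  { return nil }
func (s *stmt) NumInput() int { return -1 } // -1: database/sql skips the arg-count check
func (s *stmt) Exec(args []driver.Value) (driver.Result, error) {
	return nil, errors.New("not supported")
}
func (s *stmt) Query(args []driver.Value) (driver.Rows, error) {
	s.r.lastQuery = s.query // SQL text as the driver received it
	s.r.lastArgs = args     // bound values, delivered separately
	return &rows{}, nil
}

type rows struct{}

func (*rows) Columns() []string              { return []string{"name"} }
func (*rows) Close() error                   { return nil }
func (*rows) Next(dest []driver.Value) error { return io.EOF }

// vulnerableLookup is the pattern GuardRails flags: the user-controlled name
// becomes part of the SQL text, so a quote in it changes the statement.
// It returns the SQL text the driver actually received.
func vulnerableLookup(db *sql.DB, name string) (string, error) {
	rows, err := db.Query("SELECT * FROM foo WHERE name = '" + name + "'")
	if err != nil {
		return "", err
	}
	defer rows.Close()
	return rec.lastQuery, nil
}

// safeLookup is the fix: the SQL text is a constant and the name travels as a
// bound parameter. Swap `$1` for `?` on MySQL/SQLite. It returns the SQL text
// and the argument list the driver received.
func safeLookup(db *sql.DB, name string) (string, []driver.Value, error) {
	rows, err := db.Query("SELECT * FROM foo WHERE name = $1", name)
	if err != nil {
		return "", nil, err
	}
	defer rows.Close()
	return rec.lastQuery, rec.lastArgs, nil
}

func main() {
	db, err := sql.Open("recorder", "")
	if err != nil {
		panic(err)
	}
	defer db.Close()

	// Constructed attacker input: closes the quoted string and appends a tautology.
	payload := "' OR '1'='1"

	q, _ := vulnerableLookup(db, payload)
	fmt.Println("concatenated, SQL sent:", q)
	// concatenated, SQL sent: SELECT * FROM foo WHERE name = '' OR '1'='1'

	q, args, _ := safeLookup(db, payload)
	fmt.Println("parameterized, SQL sent:", q, "args:", args)
	// parameterized, SQL sent: SELECT * FROM foo WHERE name = $1 args: [' OR '1'='1]
}
```

The stub implements only the minimal driver.Conn, driver.Stmt and driver.Rows interfaces, which is enough for database/sql to take its prepare-then-query path; that path is also why the placeholder version is safe with a real driver: the value is bound after the statement text has been fixed, so nothing in it can be parsed as SQL.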

More information: