Checkmarx: Second-Order SQL Injection attack in c#


How would I satisfy the static code analysis tool (in this case checkmarx) that there are no issues with the following method:

using System.Data.Odbc;

// 'connection' is an OdbcConnection field of the enclosing class; the SQL text
// arrives fully formed from the caller and is executed as-is.
public OdbcDataReader ExecuteQuery(string sql)
{
   var cmd = new OdbcCommand(sql, connection);
   return cmd.ExecuteReader();
}

Checkmarx tells me the following:

Method ExecuteQuery gets database data from the ExecuteReader element. This element's value then flows through the code without being properly sanitized or validated, and is eventually used in a database query in method ExecuteQuery. This may enable a Second-Order SQL Injection attack.


There is 1 answer

3
Robben_Ford_Fan_boy

Doing this satisfied CheckMarx:

public OdbcDataReader ExecuteQuery(string sql)
{
    var cmd = new OdbcCommand(sql.Replace("'", ""), connection);
    return cmd.ExecuteReader();
}

Interestingly, I scanned the method on its own, and using a command did not satisfy it:

public OdbcDataReader ExecuteQuery(string sql)
{
    // Same data flow as before: the caller's string still becomes CommandText unchanged.
    OdbcCommand cmd = connection.CreateCommand();
    cmd.CommandText = sql;
    return cmd.ExecuteReader();
}
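Editor's note on the answer above: `sql.Replace("'", "")` makes the scanner stop reporting because it treats the string as having passed through a sanitizer, but it is not a mitigation. A value spliced into a numeric context (`WHERE id = ` + input) needs no quote at all to inject, and the method still accepts any SQL its callers build by concatenation, so the real fix has to be at the point where data meets SQL text. The example below, written for this page rather than taken from the question or the answer, shows what Checkmarx is actually asking for: the SQL text is a developer-written constant and every runtime value, including one that was itself read from the database earlier (the "second-order" case in the finding), is bound through `OdbcParameter` with ODBC's positional `?` placeholders. The class name, the `orders` table and its columns, and the parameter names are assumptions for illustration.

```csharp
using System;
using System.Data;
using System.Data.Odbc;

// Added example, not code from the original post. Table, column and class
// names are assumed; 'connection' is an open OdbcConnection supplied by the caller.
public sealed class OrderRepository
{
    private readonly OdbcConnection connection;

    public OrderRepository(OdbcConnection connection)
    {
        this.connection = connection;
    }

    // First-order case: caller-supplied values are bound as parameters, never
    // concatenated into the SQL text. The query string is a compile-time constant.
    public OdbcDataReader FindOrdersForCustomer(string customerName, DateTime since)
    {
        const string sql =
            "SELECT order_id, placed_at, total " +
            "FROM orders " +
            "WHERE customer_name = ? AND placed_at >= ?";

        var cmd = new OdbcCommand(sql, connection);
        // ODBC placeholders are positional, so parameters must be added in the
        // order the '?' marks appear; the names are only for readability.
        cmd.Parameters.Add("@customerName", OdbcType.NVarChar, 100).Value = customerName;
        cmd.Parameters.Add("@since", OdbcType.DateTime).Value = since;
        return cmd.ExecuteReader();
    }

    // Second-order case: a value read from the database is reused in a new query.
    // Binding it as a parameter keeps it inert even if it contains quotes,
    // comment sequences, or anything else an earlier INSERT let through.
    public int CountOrdersWithSameCustomerAs(int orderId)
    {
        string customerName;
        using (var lookup = new OdbcCommand(
            "SELECT customer_name FROM orders WHERE order_id = ?", connection))
        {
            lookup.Parameters.Add("@orderId", OdbcType.Int).Value = orderId;
            object result = lookup.ExecuteScalar();
            if (result == null || result == DBNull.Value)
                return 0;
            customerName = (string)result;
        }

        using (var count = new OdbcCommand(
            "SELECT COUNT(*) FROM orders WHERE customer_name = ?", connection))
        {
            count.Parameters.Add("@customerName", OdbcType.NVarChar, 100).Value = customerName;
            return Convert.ToInt32(count.ExecuteScalar());
        }
    }
}
```

With this shape a generic `ExecuteQuery(string sql)` sink is no longer needed; if one must remain (for example to run developer-authored DDL), restrict it to constant strings in code review and keep user- or database-derived values on the parameter path, which is the flow static analysis recognizes as safe.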