cosgroveb
commented
5 months ago Can we get this merged? This causes false positives with a legitimate query a vendor package runs that includes the word "insufficient" in the WHERE clause.
Open jcoleman opened 2 years ago
cosgroveb
commented
5 months ago Can we get this merged? This causes false positives with a legitimate query a vendor package runs that includes the word "insufficient" in the WHERE clause.
Regex matching solely against the word "insufficient" means that it's trivial to cause this to alert unnecessarily by merely including the string "insufficient" in one's real query. Instead verify that we don't actually have a real query and know for certain this is an error condition.