Detect SQL injection issues introduced via concatenation

guillaumeaubert / Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection

PerlCritic policy that attempts to detect the most common sources of SQL injection in manually crafted SQL statements, by detecting the use of variables inside interpolated strings that look like SQL statements.

https://metacpan.org/pod/Perl::Critic::Policy::ValuesAndExpressions::PreventSQLInjection

Other

6 stars 8 forks source link

Detect SQL injection issues introduced via concatenation #4

Closed guillaumeaubert closed 11 years ago

guillaumeaubert commented 11 years ago

Added as a pull request for myself. I'm going to think a little more about this solution and merge it if I don't see further cases to support related to concatenation.

coveralls commented 11 years ago

Coverage increased (+0.64%) when pulling 7dc13754d95d29a4c4e8da4ab9495580eeaae89c on detect_concatenation into da5f8d8d286c65f0d1a7a8754d24d67c6579e078 on master.