False positives - Non-SQL string with a potential SQL keyword

guillaumeaubert / Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection

PerlCritic policy that attempts to detect the most common sources of SQL injection in manually crafted SQL statements, by detecting the use of variables inside interpolated strings that look like SQL statements.

https://metacpan.org/pod/Perl::Critic::Policy::ValuesAndExpressions::PreventSQLInjection

Other

6 stars 8 forks source link

False positives - Non-SQL string with a potential SQL keyword #6

Closed guillaumeaubert closed 10 years ago

guillaumeaubert commented 10 years ago

This example triggers a violation, but it is a false-positive:

my $sql = "The information will update in $delay hours";