Open qdw1987 opened 8 months ago
Here are the sandbox execution logs prior to making any changes:
aeb481e
Checking src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java for syntax errors... ✅ src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java has no syntax errors!
Sandbox passed on the latest develop, so sandbox checks will be enabled for this issue.
I found the following snippets in your repository. I will now analyze these snippets and come up with a plan.
src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java
✓ https://github.com/qdw1987/WebGoat/commit/70ee60bfb32c7bb76b2a6daf106c73f1ad1b199c
Modify src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java with contents:
• Locate the method that handles the POST request and performs the SQL query. This method will likely have a @PostMapping annotation and a parameter that receives user input.
• Identify the part of the method where the SQL query is constructed. This will likely involve concatenating a SQL string with the user input.
• Replace the direct concatenation of user input into the SQL string with a parameterized query. This can be done using a PreparedStatement, which allows you to set parameters in the SQL query that will be automatically sanitized by the JDBC driver.
• For each parameter in the SQL query, call the setString method (or the appropriate set method for the parameter's data type) on the PreparedStatement, passing the index of the parameter and the user input.
• Execute the query using the executeQuery method on the PreparedStatement, and handle the results as before.
• Ensure that all database resources, such as ResultSet and PreparedStatement, are properly closed in a finally block to prevent resource leaks.
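The six steps above describe one change: move the user-supplied text out of the SQL string and into a bound parameter, keeping the `%` wildcards on the value rather than in the query. As an added illustration (not part of the Sweep plan or of WebGoat's code), the following Python/sqlite3 snippet shows the concatenated form next to the parameterized form using the same `?` placeholder that the JDBC `PreparedStatement` uses, plus one step the plan does not cover: escaping `%` and `_` with an `ESCAPE` clause when the search is meant to be literal. The `access_log` rows and column names are constructed for the demo and are not the project's schema.

```python
import sqlite3

# Constructed sample data standing in for an access_log table (demo only,
# not WebGoat's schema).
SAMPLE_ROWS = [
    (1, "alice", "login"),
    (2, "bob", "logout"),
    (3, "carol", "download_100%"),
    (4, "dave", "delete"),
]


def make_db():
    """In-memory SQLite database holding the constructed access_log table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE access_log (id INTEGER PRIMARY KEY, username TEXT, action TEXT)"
    )
    conn.executemany("INSERT INTO access_log VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def search_concat(conn, action):
    """Concatenated form (the '-' line of the diff): the input becomes part of
    the SQL text, so a quote character in it is parsed as SQL syntax."""
    query = "SELECT id FROM access_log WHERE action LIKE '%" + action + "%'"
    return [row[0] for row in conn.execute(query)]


def search_param(conn, action):
    """Parameterized form (the '+' lines of the diff): the wildcards are added
    to the bound value, not to the query, so the input is always data."""
    query = "SELECT id FROM access_log WHERE action LIKE ?"
    return [row[0] for row in conn.execute(query, ("%" + action + "%",))]


def escape_like(value, esc="\\"):
    """Escape LIKE metacharacters so a user-supplied % or _ matches literally.
    The escape character itself is doubled first so it cannot be smuggled in."""
    return (
        value.replace(esc, esc + esc)
        .replace("%", esc + "%")
        .replace("_", esc + "_")
    )


def search_param_literal(conn, action):
    """Parameterized and wildcard-escaped: binding stops SQL injection, the
    ESCAPE clause stops the input from widening the LIKE match."""
    query = "SELECT id FROM access_log WHERE action LIKE ? ESCAPE '\\'"
    bound = "%" + escape_like(action) + "%"
    return [row[0] for row in conn.execute(query, (bound,))]


if __name__ == "__main__":
    db = make_db()
    print(search_param(db, "log"))            # rows whose action contains "log"
    try:
        search_concat(db, "o'r")              # quote breaks the concatenated SQL
    except sqlite3.OperationalError as exc:
        print("concatenated query failed:", exc)
    print(search_param(db, "o'r"))            # bound: searched literally, no match
    print(search_param(db, "%"))              # bound but unescaped: % matches every row
    print(search_param_literal(db, "%"))      # escaped: only the row containing a literal %
```

The middle function is what the diff implements: it is enough to stop the input from changing the statement. The last function is the extra step to apply if `action` is supposed to be matched as plain text, since JDBC binding, like sqlite3 binding, does nothing about LIKE wildcards inside the bound value.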
---
+++
@@ -55,12 +55,15 @@
protected AttackResult injectableQueryAvailability(String action) {
StringBuffer output = new StringBuffer();
- String query = "SELECT * FROM access_log WHERE action LIKE '%" + action + "%'";
+ String query = "SELECT * FROM access_log WHERE action LIKE ?";// The query is now parameterized
try (Connection connection = dataSource.getConnection()) {
+ PreparedStatement statement = null;
+ ResultSet results = null;
try {
- Statement statement = connection.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
- ResultSet results = statement.executeQuery(query);
+ statement = connection.prepareStatement(query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
+ statement.setString(1, '%' + action + '%');
+ results = statement.executeQuery();
if (results.getStatement() != null) {
results.first();
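Review bot: the null-initialised `PreparedStatement statement = null;` / `ResultSet results = null;` pair is only there to feed the manual finally block, while this method already uses try-with-resources for the Connection; declaring both resources the same way (`try (PreparedStatement statement = connection.prepareStatement(query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY)) { statement.setString(1, "%" + action + "%"); try (ResultSet results = statement.executeQuery()) { ... } }`) removes the null checks and the finally entirely. Two smaller points on the same hunk: `?";// The query is now parameterized` needs a space before the comment, and binding `'%' + action + '%'` stops the input from altering the SQL but leaves `%` and `_` inside `action` active as LIKE wildcards, so if the search is meant to be literal the value should be escaped and the query given an `ESCAPE` clause.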
@@ -79,8 +82,14 @@
} else {
return success(this).feedback("sql-injection.10.success").build();
}
+ } finally {
+ if (results != null) {
+ results.close();
+ }
+ if (statement != null) {
+ statement.close();
+ }
}
-
} catch (Exception e) {
return failed(this).output("" + e.getMessage() + "").build();
}
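Review bot: both `close()` calls in the new finally block can throw SQLException and nothing handles that locally: if `results.close()` throws, `statement.close()` is skipped, and because the try/catch above has already computed its return value, an exception from finally discards that AttackResult and falls through to the outer `catch (Exception e)`, turning a would-be success into `failed(this)`. Either guard each close in its own try/catch or replace the finally with try-with-resources, which closes in the right order and attaches close failures as suppressed exceptions.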
Check src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java with contents:
Ran GitHub Actions for 70ee60bfb32c7bb76b2a6daf106c73f1ad1b199c:
I have finished reviewing the code for completeness. I did not find errors for sweep/fix_the_sql_injection_sqlinjectionlesson.
Checklist
- [X] Modify `src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java` ✓ https://github.com/qdw1987/WebGoat/commit/70ee60bfb32c7bb76b2a6daf106c73f1ad1b199c
- [X] Running GitHub Actions for `src/main/java/org/owasp/webgoat/lessons/sql_injection/introduction/SqlInjectionLesson10.java` ✓