Improve B608 to work with control flow (!126) · Merge requests · GitLab.org / security-products / sast-rules

The previous patterns don't account for tainting within control flow statements. The extra set of ellipses before the taint enable Semgrep to match SQLi introduced within the body of an if branch.

See the following issues for more information:

https://gitlab.com/gitlab-org/gitlab/-/issues/357679#note_1301505001
gitlab-org/gitlab#396788 (closed)

Edited Mar 20, 2023 by James Liu

Improve B608 to work with control flow

Merge request reports