ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S3649/csharp/rule.adoc

82 lines
1.9 KiB
Plaintext
Raw Normal View History

Add rules 3000-3999
2020-06-30 12:48:39 +02:00
include::../description.adoc[]
== Noncompliant Code Example
----
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using WebApplication1.Controllers;
namespace WebApplicationDotNetCore.Controllers
{
public class RSPEC3649SQLiNoncompliant : Controller
{
private readonly UserAccountContext _context;
public RSPEC3649SQLiNoncompliant(UserAccountContext context)
{
_context = context;
}
public IActionResult Authenticate(string user)
{
string query = "SELECT * FROM Users WHERE Username = '" + user + "'";
// an attacker can bypass authentication by setting user to this special value
// user = "' or 1=1 or ''='";
var userExists = false;
if (_context.Database.ExecuteSqlCommand(query) > 0) // Noncompliant
{
userExists = true;
}
return Content(userExists ? "success" : "fail");
}
}
}
----
== Compliant Solution
----
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using WebApplication1.Controllers;
namespace WebApplicationDotNetCore.Controllers
{
public class RSPEC3649SQLiCompliant : Controller
{
private readonly UserAccountContext _context;
public RSPEC3649SQLiCompliant(UserAccountContext context)
{
_context = context;
}
public IActionResult Authenticate(string user)
{
var query = "SELECT * FROM Users WHERE Username = {0}"; // Safe
var userExists = false;
if (_context.Database.ExecuteSqlCommand(query, user) > 0)
{
userExists = true;
}
return Content(userExists ? "success" : "fail");
}
}
}
----
include::../see.adoc[]
Export comments and rspec-to-rspec links from jira
2021-06-02 20:44:38 +02:00
ifdef::rspecator-view[]
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::rspecator-view[]
Reference in New Issue Copy Permalink