|
1 | 1 | #select |
2 | 2 | | Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | This SQL query depends on a $@. | Mysql2.rb:3:12:3:17 | call to params | user-provided value | |
3 | | -| Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | This SQL query depends on a $@. | Mysql2.rb:3:12:3:17 | call to params | user-provided value | |
4 | 3 | | Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | This SQL query depends on a $@. | Mysql2.rb:3:12:3:17 | call to params | user-provided value | |
5 | 4 | edges |
6 | 5 | | Mysql2.rb:3:5:3:8 | name | Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | provenance | AdditionalTaintStep | |
7 | | -| Mysql2.rb:3:5:3:8 | name | Mysql2.rb:16:37:16:40 | name | provenance | | |
8 | 6 | | Mysql2.rb:3:5:3:8 | name | Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | provenance | AdditionalTaintStep | |
9 | 7 | | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:3:12:3:29 | ...[...] | provenance | | |
10 | 8 | | Mysql2.rb:3:12:3:29 | ...[...] | Mysql2.rb:3:5:3:8 | name | provenance | | |
11 | | -| Mysql2.rb:16:5:16:11 | escaped | Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | provenance | AdditionalTaintStep | |
12 | | -| Mysql2.rb:16:15:16:41 | call to escape | Mysql2.rb:16:5:16:11 | escaped | provenance | | |
13 | | -| Mysql2.rb:16:37:16:40 | name | Mysql2.rb:16:15:16:41 | call to escape | provenance | MaD:1 | |
14 | | -models |
15 | | -| 1 | Summary: Mysql2::Client!; Method[escape]; Argument[0]; ReturnValue; taint | |
16 | 9 | nodes |
17 | 10 | | Mysql2.rb:3:5:3:8 | name | semmle.label | name | |
18 | 11 | | Mysql2.rb:3:12:3:17 | call to params | semmle.label | call to params | |
19 | 12 | | Mysql2.rb:3:12:3:29 | ...[...] | semmle.label | ...[...] | |
20 | 13 | | Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | semmle.label | "SELECT * FROM users WHERE use..." | |
21 | | -| Mysql2.rb:16:5:16:11 | escaped | semmle.label | escaped | |
22 | | -| Mysql2.rb:16:15:16:41 | call to escape | semmle.label | call to escape | |
23 | | -| Mysql2.rb:16:37:16:40 | name | semmle.label | name | |
24 | | -| Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | semmle.label | "SELECT * FROM users WHERE use..." | |
25 | 14 | | Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | semmle.label | "SELECT * FROM users WHERE use..." | |
26 | 15 | subpaths |
27 | | -testFailures |
28 | | -| Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | Unexpected result: Alert | |
0 commit comments