Codeinterpreter

Breakman Rails: How to avoid SQL injection

Breakman is static analysis security scanner for Ruby on Rails. It's open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

I will share some trick to avoid Breakman SQL Injection medium settings warning.

1. Example Case "IN query": 
Wrong Format :
  id = [1,2,3,4,5]
  query = self.find(:all, :conditions =>["id in ("+id.joins(",")+")"])
Correct Format :
  id = [1,2,3,4,5]
   query = self.find(:all, :conditions =>["id in (?)", id])
  or
   query = self.where("id in (?)", id)

2. Example Case "string query": 
Wrong Format :
  query = self.where("id = '"+id+"' and place = '"+place+"' and user = '"+user+"' ")
Correct Format :
  query_conditions = []
  unless id.blank?
  query_conditions << {"id = '"+id+"'"}
  end
  unless id.blank?
  query_conditions << {"place= '"+place+"'"}
  end
  unless id.blank?
  query_conditions << {"user = '"+user+"'"}
  end
  query_where = query_conditions.joins("and")
  result = self.where(query_where)
Codeinterpreter
Load comments