Class: Scanny::Checks::Sql::StringInterpolationWithParamsCheck

Inherits:

SqlCheck

• Object
• Check
• SqlCheck
• Scanny::Checks::Sql::StringInterpolationWithParamsCheck

Defined in:

lib/scanny/checks/sql_injection/string_interpolation_with_params_check.rb

Overview

Checks for use of dynamic strings in when creating an SQL query

Instance Method Summary

• #check(node) ⇒ Object
• #pattern ⇒ Object

Methods inherited from Check

#compiled_pattern, #issue, #strict?, #visit

Instance Method Details

#check(node) ⇒ Object

# File 'lib/scanny/checks/sql_injection/string_interpolation_with_params_check.rb', line 12

def check(node)
  issue :high, warning_message, :cwe => 89
end

#pattern ⇒ Object

# File 'lib/scanny/checks/sql_injection/string_interpolation_with_params_check.rb', line 8

def pattern
  pattern_params_in_select
end