SQL injection

1. SQL injection

A vulnerability that could lead to unauthorized use of a database by a malicious request to the database.

Fundamental solution # 1: Implement all SQL statement construction with placeholders

Below are the search actions for the Rails app search form. Gets an array of posts containing the specified string from the Post model.

posts_controller.rb



def search

  @posts = if params[:search].present?
             Post.where([
               'Column name LIKE?', "%#{params[:search]}%"
             ])
           else
             Post.none
           end

#Bad SQL →'Column name LIKE"%#{params[:search]}%"'

end

Using the SQL placeholder "?", The SQL syntax is first determined and then the actual value is assigned by mechanical processing. (* Placeholder: A place temporarily reserved for inserting the actual content later.) Compared to the method of directly assembling the SQL syntax by string concatenation processing, it is possible to eliminate the SQL injection vulnerability by taking the method of assembling the SQL syntax by such mechanical processing.

References

IPA-How to make a secure website

Recommended Posts

SQL injection
Database operation (SQL)
Spring injection various