Using tainted data in an SQL query – such as query parameters or form input supplied by a user – can leave your application vulnerable to SQL injection attacks.
If you must query a database on the user's behalf, do not concatenate the user-supplied value into the SQL text. Pass it as a query parameter instead (the pg client accepts $1, $2, ... placeholders together with a values array), so the statement's structure is fixed before the data reaches it. Where a value genuinely cannot be parameterized, such as a table or column identifier, validate it against a strict allow-list; a sanitize function should return the sanitized value rather than only validate it.
If you can guarantee that your code snippet is safe, add a skipcq comment to document the reason. This will also prevent DeepSource from raising this issue.
Bad practice:

import express from 'express';
import { Client } from 'pg';

const app = express();
const pgClient = new Client({ /* connection config */ });

app.get("/resource", async (req, res) => {
  // The user-controlled value becomes part of the SQL text itself.
  const query = "select * from user where name = " + req.query.name;
  const result = await pgClient.query(query);
  // This is vulnerable to injection ---^
  res.json(result.rows);
});
Recommended:

import express from 'express';
import { Client } from 'pg';

const app = express();
const pgClient = new Client({ /* connection config */ });

app.get("/resource", async (req, res) => {
  // The SQL text is fixed; the user value is sent separately as a parameter,
  // so it can never change the structure of the statement.
  const query = "select * from user where name = $1";
  const result = await pgClient.query(query, [req.query.name]);
  res.json(result.rows);
});
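The following is an added example, not code from the original page or from DeepSource. It needs no database: a stub client stands in for pg's Client and records the (text, values) pair it would send, so you can see what concatenation lets an attacker do to the statement and what a parameterized query hands to the driver instead. The injected input, the helper names (buildUnsafeQuery, buildSafeQuery, sanitizeIdentifier) and the RecordingClient stub are all constructed for this illustration.

```javascript
// Constructed attacker-controlled input, as it might arrive in req.query.name.
const INJECTED_NAME = "alice' OR '1'='1";

// Vulnerable: the value is spliced into the SQL text, so quotes in the input
// close the literal and the rest is parsed as SQL.
function buildUnsafeQuery(name) {
  return "select * from user where name = '" + name + "'";
}

// Safe: the SQL text is fixed and the value travels separately as a parameter.
// Express parses ?name=a&name=b into an array, so anything that is not a
// single string is rejected up front.
function buildSafeQuery(name) {
  if (typeof name !== 'string') {
    throw new TypeError('name must be a single string');
  }
  return { text: 'select * from user where name = $1', values: [name] };
}

// Allow-list sanitizer for the rare case where a value cannot be a parameter
// (an identifier such as a column name). It returns the value or throws,
// rather than only reporting whether the value is valid.
function sanitizeIdentifier(value) {
  if (typeof value !== 'string' || !/^[A-Za-z_][A-Za-z0-9_]{0,62}$/.test(value)) {
    throw new Error('invalid identifier');
  }
  return value;
}

// Stub standing in for pg's Client: records exactly what would be sent to
// the server, without connecting to anything.
class RecordingClient {
  constructor() {
    this.sent = [];
  }
  async query(text, values = []) {
    this.sent.push({ text, values });
    return { rows: [] };
  }
}

// Sends the same injected input both ways and returns what the driver saw.
async function demo() {
  const client = new RecordingClient();
  await client.query(buildUnsafeQuery(INJECTED_NAME));
  const safe = buildSafeQuery(INJECTED_NAME);
  await client.query(safe.text, safe.values);
  return client.sent;
}

demo().then((sent) => {
  for (const { text, values } of sent) {
    console.log(JSON.stringify({ text, values }));
  }
});
```

In the recorded output the unsafe statement's WHERE clause has become `name = 'alice' OR '1'='1'`, which matches every row, while the parameterized statement keeps `name = $1` and carries the whole input, quotes included, as a single value.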