Skip to content

Commit caa8064

Browse files
committed
Update avoid-unsanitized-sql.go
1 parent 1b43d79 commit caa8064

1 file changed

Lines changed: 4 additions & 2 deletions

File tree

checkers/python/avoid-unsanitized-sql.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,10 @@ func checkSQLInjection(r analysis.Rule, ana *analysis.Analyzer, node *sitter.Nod
4242
// If the query string is built unsafely, report an issue.
4343
if isUnsafeString(firstArg, source) {
4444
ana.Report(&analysis.Issue{
45-
Message: "Direct use of unsafe string in SQL query",
46-
Range: node.Range(),
45+
Message: "Concatenated string in SQL query is an SQL injection threat!",
46+
Category: analysis.CategorySecurity,
47+
Severity: analysis.SeverityCritical,
48+
Range: node.Range(),
4749
})
4850
return
4951
}

0 commit comments

Comments
 (0)