Test case 149100

Type: source code
Pairs: 149099-v2.0.0
State: good
Author: NIST, Alexander Hoole, Aurelien Delaitre
Status: candidate
Language: C
Submission Date: 23 Mar 2015

Description

The SQL Injection is not possible because the arguments are validated. The code complexity is in the call of another function to perform the MySQL query.

Flaws

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Test Suites

C Test Suite for Source Code Analyzer - Secure v2

Have any comments on this test case? Please, send us an email.