[SAST] SQL_Injection in file QueryApi.java (GONRG-8065, GONRG-8066)

Rustam Lotsmanenko (EPAM) requested to merge gc-fix-sql-injection into master

Vulnerability was detected in project source code. Security testing type: SAST.

| | Source | Destination |
|---|---|---|
| File | well-delivery/wd-core/src/main/java/org/opengroup/osdu/wd/core/api/QueryApi.java | well-delivery/provider/wd-gc/src/main/java/org/opengroup/osdu/wd/gcp/dataaccess/db/postgres/JdbcEntityRepository.java |
| Line number | 108 | 441 |
| Object | type | query |
| Code line | `@PathVariable("type") String type,` | `entities = jdbcTemplate.query(sqlQuery,` |

The application's getJdbcEntity method executes an SQL query with query, at line 441 of \well-delivery\provider\wd-gc\src\main\java\org\opengroup\osdu\wd\gcp\dataaccess\db\postgres\JdbcEntityRepository.java. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.

An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input type; this input is then read by the getObjectsByWellbore_actual method at line 108 of \well-delivery\wd-core\src\main\java\org\opengroup\osdu\wd\core\api\QueryApi.java. This input then flows through the code, into a query and to the database server - without sanitization.

This may enable an SQL Injection attack.

Edited by Rustam Lotsmanenko (EPAM)
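
The finding describes a path variable reaching `jdbcTemplate.query` inside concatenated SQL text. The sketch below is an added example, not code from this merge request or from the project: it contrasts that shape with two hardened forms using Spring's `JdbcTemplate`. The class, method, table and column names and the type-to-table mapping are assumptions.

```java
import java.util.List;
import java.util.Map;
import org.springframework.jdbc.core.JdbcTemplate;

// Hypothetical repository: class, method, table and column names are
// assumptions for illustration, not taken from JdbcEntityRepository.java.
public class EntityQuerySketch {

    // Assumed mapping from the API's "type" values to fixed table names.
    private static final Map<String, String> TABLE_BY_TYPE = Map.of(
            "well", "well_entity",
            "wellbore", "wellbore_entity");

    private final JdbcTemplate jdbcTemplate;

    public EntityQuerySketch(JdbcTemplate jdbcTemplate) {
        this.jdbcTemplate = jdbcTemplate;
    }

    // Vulnerable shape flagged by the scanner: request input becomes part of
    // the SQL text, so the database parses its characters as syntax.
    public List<Map<String, Object>> findConcatenated(String type, String wellboreId) {
        String sqlQuery = "SELECT * FROM entity WHERE entity_type = '" + type
                + "' AND wellbore_id = '" + wellboreId + "'";
        return jdbcTemplate.queryForList(sqlQuery);
    }

    // Hardened, value case: the SQL text is constant and the inputs are sent
    // as bind parameters, so they are only ever treated as data.
    public List<Map<String, Object>> findByValue(String type, String wellboreId) {
        String sqlQuery = "SELECT * FROM entity WHERE entity_type = ? AND wellbore_id = ?";
        return jdbcTemplate.queryForList(sqlQuery, type, wellboreId);
    }

    // Hardened, identifier case: table names cannot be bound as parameters,
    // so the input only selects one of a fixed set of known names.
    public List<Map<String, Object>> findByTable(String type, String wellboreId) {
        String table = (type == null) ? null : TABLE_BY_TYPE.get(type);
        if (table == null) {
            throw new IllegalArgumentException("Unsupported entity type");
        }
        String sqlQuery = "SELECT * FROM " + table + " WHERE wellbore_id = ?";
        return jdbcTemplate.queryForList(sqlQuery, wellboreId);
    }
}
```

Which hardened form applies depends on whether `type` is used as a value or as an identifier in the real query, which this page does not show.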