tracker issue | What iT iS dESign studios

Title:

SQLi not flagged for variables in else-if and else block.

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): / ext-user (S Preethi)

Created: 05/19/2016

Components: Security Analyzer

Versions: 2016

Failure Type:

Found In Build/Fixed In Build: 298952 /

Priority/Frequency: Major / Some users will encounter

Locale/System: English / Linux All,Mac 10 All,Solaris All,Win XP All

Vote Count: 0

Listed in the version 2016.0.03.300466 Issues Fixed doc

Problem:
SQLi not flagged for variables in else-if and else block.

Method:

<cfquery name="request.listing" datasource="cfartgallery">
    SELECT      ARTISTID, FIRSTNAME, LASTNAME, EMAIL, THEPASSWORD, ADDRESS, CITY, STATE, POSTALCODE, PHONE, FAX 
    FROM        ARTISTS
    WHERE      1=1
    <cfif Len(url.state)>
    AND        STATE = #url.state#"  //flagged
    <cfelse>
    AND        STATE = #url.state#" //not flagged
    </cfif>
    ORDER BY    #url.orderby#
</cfquery>

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4155265

External Customer Info:
External Company:  
External Customer Name:  
External Customer Email:

Attachments:

Comments:

The fix will be available in the next update of ColdFusion.
Thanks!

Comment by S P.

2758 | July 07, 2016 05:11:01 AM GMT

tracker issue : CF-4155265

SQLi not flagged for variables in else-if and else block.