Commit Graph

7 Commits

Author SHA1 Message Date
Robin Appelman 06a4d6b5b9 Also repair storage id's when repairing invalid entries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 14:06:13 +02:00
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Robin Appelman 8b58b4c2a7
Fix invalid path repair step not getting all invalid entries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-18 14:01:49 +02:00
Robin Appelman 350e036c56 chunk getting invalid paths and reuse queries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 16:37:38 +02:00
Robin Appelman 4a727a578c use a generator instead of fetching all rows at once
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 16:37:34 +02:00
Robin Appelman 601362e164
adjust to moved repair step
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-29 14:45:08 +02:00
Morris Jobke 846e62c225 Run repair step only once
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-22 15:43:59 -05:00