From 792a7c8763bc22340091af9fdad70dc639a701e9 Mon Sep 17 00:00:00 2001
From: imertetsu
Date: Tue, 8 Oct 2024 17:10:39 -0400
Subject: [PATCH] Add secure implementation level 4 for BlindSQLInjectionVulneravility
---
 .../BlindSQLInjectionVulnerability.java | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)
diff --git a/src/main/java/org/sasanlabs/service/vulnerability/sqlInjection/BlindSQLInjectionVulnerability.java b/src/main/java/org/sasanlabs/service/vulnerability/sqlInjection/BlindSQLInjectionVulnerability.java
index 45bb82e4..47bf3b43 100644
--- a/src/main/java/org/sasanlabs/service/vulnerability/sqlInjection/BlindSQLInjectionVulnerability.java
+++ b/src/main/java/org/sasanlabs/service/vulnerability/sqlInjection/BlindSQLInjectionVulnerability.java
@@ -106,4 +106,32 @@ public ResponseEntity getCarInformationLevel3(
                             ErrorBasedSQLInjectionVulnerability.CAR_IS_NOT_PRESENT_RESPONSE);
                 });
     }
+
+    //Input Validation - Ensure that the input data is valid and of the expected type.
+    @VulnerableAppRequestMapping(
+            value = LevelConstants.LEVEL_4,
+            variant = Variant.SECURE,
+            htmlTemplate = "LEVEL_1/SQLInjection_Level1")
+    public ResponseEntity getCarInformationLevel4(
+            @RequestParam Map queryParams) {
+        String id = queryParams.get(Constants.ID);
+
+        // Validate numeric ID
+        if (!id.matches("\\d+")) {
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid ID format.");
+        }
+
+        BodyBuilder bodyBuilder = ResponseEntity.status(HttpStatus.OK);
+        bodyBuilder.body(ErrorBasedSQLInjectionVulnerability.CAR_IS_NOT_PRESENT_RESPONSE);
+        return applicationJdbcTemplate.query(
+                "select * from cars where id=" + id,
+                (rs) -> {
+                    if (rs.next()) {
+                        return bodyBuilder.body(CAR_IS_PRESENT_RESPONSE);
+                    }
+                    return bodyBuilder.body(
+                            ErrorBasedSQLInjectionVulnerability.CAR_IS_NOT_PRESENT_RESPONSE);
+                });
+    }
+
 }
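Review bot: The validated `id` is still concatenated into the SQL text at `"select * from cars where id=" + id`, so the safety of this `Variant.SECURE` level rests entirely on the `\\d+` guard a few lines above it; a secure level should also bind the value as a query parameter, `"select * from cars where id=?", (rs) -> { ... }, id`, so that a later edit to the validation cannot silently reintroduce the injection. `queryParams.get(Constants.ID)` returns null when the parameter is absent, and `id.matches(...)` then throws a NullPointerException rather than the 400 the guard intends, so the check should read `if (id == null || !id.matches("\\d+"))`. The `bodyBuilder.body(ErrorBasedSQLInjectionVulnerability.CAR_IS_NOT_PRESENT_RESPONSE);` call before the query discards its result and appears to be carried over from level 3; it can be dropped. The raw `Map` and `ResponseEntity` types would also read better as `Map<String, String>` and `ResponseEntity<String>`, matching the values actually used here.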