jim-bentler
## Environment

SpotBugs Eclipse plugin: SpotBugs 4.8.4.202401211731-1e2b791 com.github.spotbugs.plugin.eclipse

FindSecBugs plugin: findsecbugs-plugin-1.12.0.jar

Eclipse running in Java 21

## Problem

A wrapper method configured as a custom SQL sink that simply calls...
Mark java.sql.Statement enquoteIdentifier, enquoteLiteral, and enquoteNCharLiteral SQL_INJECTION_SAFE

There is no built-in support for java.sql.Statement enquoteIdentifier, enquoteLiteral, or enquoteNCharLiteral. They should be defined as SQL_INJECTION_SAFE:

```
java/sql/Statement.enquoteLiteral(Ljava/lang/String;)Ljava/lang/String;:0|+SQL_INJECTION_SAFE
java/sql/Statement.enquoteIdentifier(Ljava/lang/String;Z)Ljava/lang/String;:1|+SQL_INJECTION_SAFE
java/sql/Statement.enquoteNCharLiteral(Ljava/lang/String;)Ljava/lang/String;:0|+SQL_INJECTION_SAFE
```
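The behaviour that the requested SQL_INJECTION_SAFE tag relies on can be observed with the JDK's default implementations of the three methods. This is an added example, not code from the issue or from the FindSecBugs project. It assumes Java 16 or later and uses a dynamic proxy (the hypothetical helper `defaultOnlyStatement`) in place of a driver-supplied `Statement`; a JDBC driver may override these methods, so a real driver's output can differ.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
import java.sql.SQLException;
import java.sql.Statement;

public class EnquoteDemo {

    // Assumption: no JDBC driver is on the classpath, so a proxy stands in for a
    // real Statement and executes only the interface's default methods.
    static Statement defaultOnlyStatement() {
        InvocationHandler handler = (proxy, method, args) -> {
            if (method.isDefault()) {
                return InvocationHandler.invokeDefault(proxy, method, args);
            }
            throw new UnsupportedOperationException(method.getName());
        };
        return (Statement) Proxy.newProxyInstance(
                EnquoteDemo.class.getClassLoader(),
                new Class<?>[] {Statement.class},
                handler);
    }

    public static void main(String[] args) throws SQLException {
        Statement st = defaultOnlyStatement();

        // Constructed sample inputs, not taken from the issue.
        String literal = "x' OR '1'='1";
        String plainIdentifier = "users";
        String spacedIdentifier = "order items";
        String brokenIdentifier = "users\"; DROP TABLE users; --";

        // Embedded single quotes are doubled, so the value stays one literal.
        System.out.println(st.enquoteLiteral(literal));
        System.out.println(st.enquoteNCharLiteral(literal));

        // Simple identifiers pass through; others are wrapped in double quotes.
        System.out.println(st.enquoteIdentifier(plainIdentifier, false));
        System.out.println(st.enquoteIdentifier(spacedIdentifier, false));

        // An identifier containing a double quote is rejected, not escaped.
        try {
            st.enquoteIdentifier(brokenIdentifier, false);
        } catch (SQLException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

In the configuration lines above, the `:0` and `:1` suffixes select the `String` argument counted from the last parameter, which is why `enquoteIdentifier(String, boolean)` uses `:1`.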