Consider sqli support for other common SQL packages

[picatz]

At this time, database/sql and GORMv1 are considered for the sqli demo CLI tool.

taint/sql/injection/injection.go

Lines 46 to 73 in f43d4ad

	var injectableSQLMethods = taint.NewSinks(
	// Note: at this time, they *must* be a function or method.
	"(*database/sql.DB).Query",
	"(*database/sql.DB).QueryContext",
	"(*database/sql.DB).QueryRow",
	"(*database/sql.DB).QueryRowContext",
	"(*database/sql.Tx).Query",
	"(*database/sql.Tx).QueryContext",
	"(*database/sql.Tx).QueryRow",
	"(*database/sql.Tx).QueryRowContext",
	// GORM v1
	// https://gorm.io/docs/security.html
	// https://gorm.io/docs/security.html#SQL-injection-Methods
	"(*github.com/jinzhu/gorm.DB).Where",
	"(*github.com/jinzhu/gorm.DB).Or",
	"(*github.com/jinzhu/gorm.DB).Not",
	"(*github.com/jinzhu/gorm.DB).Group",
	"(*github.com/jinzhu/gorm.DB).Having",
	"(*github.com/jinzhu/gorm.DB).Joins",
	"(*github.com/jinzhu/gorm.DB).Select",
	"(*github.com/jinzhu/gorm.DB).Distinct",
	"(*github.com/jinzhu/gorm.DB).Pluck",
	"(*github.com/jinzhu/gorm.DB).Raw",
	"(*github.com/jinzhu/gorm.DB).Exec",
	"(*github.com/jinzhu/gorm.DB).Order",
	//
	// TODO: add more, consider (non-)pointer variants?
	)

It would be worth considering expanding support to other common SQL packages. It might be interesting to attempt parity with CodeQL's support?

https://github.com/github/codeql/blob/f5406570f7b44b4ce62e0d4107cb6f8d0663eeaf/go/ql/lib/semmle/go/frameworks/SQL.qll#L244-L257

It might also be worth considering how to enable contextual support, based on the packages that are imported for a target program; if database/sql is imported, then only those (sink) types will be searched for.