Merge Develop into Release (#3516)

* Allow OWASP Top 10 references from Kubernetes and LLM Top 10 (#3499) Co-authored-by: Berne Campbell <[email protected]> Co-authored-by: Pieter De Cremer (Semgrep) <[email protected]> * Add literal pattern (#3507) Co-authored-by: Pieter De Cremer (Semgrep) <[email protected]> * Filter exceptions from tainted-sql-string (#3501) Co-authored-by: Berne Campbell <[email protected]> Co-authored-by: Pieter De Cremer (Semgrep) <[email protected]> --------- Co-authored-by: berney <[email protected]> Co-authored-by: Berne Campbell <[email protected]> Co-authored-by: Pieter De Cremer (Semgrep) <[email protected]> Co-authored-by: QU35T-code <[email protected]>
semgrep · Nov 18, 2024 · 6c78f54 · 6c78f54
1 parent d53e57e
commit 6c78f54
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/scala/lang/security/audit/tainted-sql-string.scala b/scala/lang/security/audit/tainted-sql-string.scala
@@ -94,4 +94,9 @@ object Smth {
         logWarning(s"Create user $name")
     }
   }
+
+  def throwException(name: String) = {
+    // ok: tainted-sql-string
+    throw new IllegalArgumentException(s"Can't create a ${name}")
+  }
 }
diff --git a/scala/lang/security/audit/tainted-sql-string.yaml b/scala/lang/security/audit/tainted-sql-string.yaml
@@ -73,6 +73,7 @@ rules:
         - pattern-regex: |
             .*\b(?i)(select|delete|insert|create|update|alter|drop)\b.*
     - pattern-not-inside: println(...)
+    - pattern-not-inside: throw new $EXCEPTION(...)
   pattern-sanitizers:
   - pattern-either:
     - patterns: