Skip to content

Commit

Permalink
Merge pull request #583 from sipcapture/alert-autofix-2
Browse files Browse the repository at this point in the history 
Fix code scanning alert no. 2: Database query built from user-controlled sources
  • Loading branch information
@adubovikov
adubovikov authored Jan 7, 2025
2 parents 607fbd1 + 15323e8 commit c40c661
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions data/service/agentSub.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,10 +104,8 @@ func (hs *AgentsubService) GetAgentsubAgainstGUIDAndType(guid string, typeReques
var AgentsubObject model.TableAgentLocationSession
var count int

whereSQL := fmt.Sprintf("expire_date > NOW() AND guid = '%s' AND type LIKE '%%%s%%'", guid, typeRequest)

if err := hs.Session.Debug().Table("agent_location_session").
Where(whereSQL).
Where("expire_date > NOW() AND guid = ? AND type LIKE ?", guid, "%"+typeRequest+"%").
Find(&AgentsubObject).Count(&count).Error; err != nil {
return AgentsubObject, err
}
Expand Down

0 comments on commit c40c661

Please sign in to comment.