Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Snyk: Sanitize and bind ACL service dependency queries #11387

Merged
merged 1 commit into from
Jul 19, 2022
Merged

Snyk: Sanitize and bind ACL service dependency queries #11387

merged 1 commit into from
Jul 19, 2022

Conversation

hyahiaoui-ext
Copy link
Contributor

@hyahiaoui-ext hyahiaoui-ext commented Jul 15, 2022
edited
Loading

Description

Queries should be sanitized (if possible) and bound using PDO statement to reduce attack surface and clean legacy code.

Snyk CLI result preview:
image

Fixes # MON-14257

Type of change

  • Patch fixing an issue (non-breaking change)
  • New functionality (non-breaking change)
  • Breaking change (patch or feature) that might cause side effects breaking part of the Software

Target serie

  • 21.04.x
  • 21.10.x
  • 22.04.x
  • 22.10.x (master)

Checklist

Community contributors & Centreon team

  • I have followed the coding style guidelines provided by Centreon
  • I have commented my code, especially new classes, functions or any legacy code modified. (docblock)
  • I have commented my code, especially hard-to-understand areas of the PR.
  • I have rebased my development branch on the base branch (master, maintenance).

@hyahiaoui-ext hyahiaoui-ext self-assigned this Jul 15, 2022
@hyahiaoui-ext hyahiaoui-ext requested a review from a team July 15, 2022 00:07
@sonarqube-decoration
Copy link

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots (100.0% 100.0% reviewed)
Code Smell A 1063 Code Smells

0.0% 0.0% Coverage
5.9% 5.9% Duplication

@hyahiaoui-ext hyahiaoui-ext merged commit caddc81 into develop Jul 19, 2022
@hyahiaoui-ext hyahiaoui-ext deleted the MON-14257 branch July 19, 2022 03:06
hyahiaoui-ext added a commit that referenced this pull request Jul 19, 2022
@hyahiaoui-ext
Snyk: Sanitize and bind ACL service dependency queries (#11387)
275c1d2
hyahiaoui-ext added a commit that referenced this pull request Jul 19, 2022
@hyahiaoui-ext
Snyk: Sanitize and bind ACL service dependency queries (#11387)
86edd25
hyahiaoui-ext added a commit that referenced this pull request Jul 19, 2022
@hyahiaoui-ext
Snyk: Sanitize and bind ACL service dependency queries (#11387)
bc3f740
emabassi-ext pushed a commit that referenced this pull request Jul 26, 2022
@hyahiaoui-ext @emabassi-ext
Snyk: Sanitize and bind ACL service dependency queries (#11387)
53bbceb
hyahiaoui-ext added a commit that referenced this pull request Jul 29, 2022
@hyahiaoui-ext
Snyk: Sanitize and bind ACL service dependency queries (#11387)
d18c878
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jeremyjaouen jeremyjaouen jeremyjaouen approved these changes

@kduret kduret kduret approved these changes

@callapa callapa Awaiting requested review from callapa

@a-launois a-launois Awaiting requested review from a-launois

Assignees

@hyahiaoui-ext hyahiaoui-ext

Labels
area/backend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hyahiaoui-ext @kduret @jeremyjaouen