Skip to content

Commit

Permalink
Merge branch 'pmo-229-reflection-fix' into 'master'
Browse files Browse the repository at this point in the history 
Fix unsafe reflection demo

See merge request solutions-architecture/verademo!44
  • Loading branch information
Matt Runkle committed Aug 14, 2018
2 parents 6637f02 + cd285ca commit 3db9e70
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/main/java/com/veracode/verademo/commands/RemoveAccountCommand.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ public void execute(String blabberUsername) {
action.setString(2, blabberUsername);
action.execute();

sqlQuery = "SELECT blab_name FROM users WHERE username = " + blabberUsername;
sqlQuery = "SELECT blab_name FROM users WHERE username = '" + blabberUsername +"'";
Statement sqlStatement = connect.createStatement();
logger.info(sqlQuery);
ResultSet result = sqlStatement.executeQuery(sqlQuery);
Expand All @@ -46,7 +46,7 @@ public void execute(String blabberUsername) {
logger.info(sqlQuery);
sqlStatement.execute(sqlQuery);

sqlQuery = "DELETE FROM users WHERE username = " + blabberUsername;
sqlQuery = "DELETE FROM users WHERE username = '" + blabberUsername + "'";
logger.info(sqlQuery);
sqlStatement.execute(sqlQuery);
/* END BAD CODE */
Expand Down

0 comments on commit 3db9e70

Please sign in to comment.