[Tizen Application-dev] Security vulnerabilities in WebApp is detected.

Вячеслав Зайцев slava at ifaced.ru
Wed Sep 11 15:52:02 GMT 2013


I know about SQL injection, but I do not see it here. The methods in the list 
are located inside the code of the JayData library (http://jaydata.org/), and its 
developers have taken care of the safety of substituting values within the 
library code.
The application does not contain any plain SQL queries. Everything is done 
through models and properly escaped before being substituted into raw SQL.

Thanks for the reply.

On 11.09.13 at 22:37, Hanchett, Paul wrote:
> Your attached file seems to have been lost to the list...
>
> A classic SQL vulnerability that can be detected automatically is not 
> using prepared SQL statements rather than an exec query.  Here's an 
> article that shows examples of both: 
> http://stackoverflow.com/questions/1703203/in-sqlite-do-prepared-statements-really-improve-performance. 
>
>
> The reason to use prepared statements is *not* speed but rather 
> security: Using prepared statements there is no way I can change the 
> prepared SQL statement into another command; it's relatively easy 
> to do with an exec, if I can control some portion of the data inserted 
> into the exec (usually through concatenation).
>
> Just a thought.
>
> Paul
>
>
> Paul Hanchett
> -------------------
> Infotainment Engineer
> MSX on behalf of Jaguar Land Rover
> One World Trade Center, 121 Southwest Salmon Street, 11th Floor, 
> Portland, Oregon, 97204
>
> Email: phanchet at jaguarlandrover.com
> -------------------
>
> Business Details:
> Jaguar Land Rover Limited
> Registered Office: Abbey Road, Whitley, Coventry CV3 4LF
> Registered in England No: 1672070
>
>
> On Tue, Sep 10, 2013 at 9:33 PM, Вячеслав Зайцев <slava at ifaced.ru> wrote:
>
>     Hi. Problem with certification. The application was rejected with the
>     defect "Security vulnerabilities in WebApp is detected. For more
>     information about the issue, please refer to the attached file.".
>     The attached file is a list of methods from the JayData library with
>     the name "executeQuery" and the line number in the file. Example:
>
>     cmd.executeQuery [SqLiteProvider.js]
>     sqlCommand.executeQuery [SqLiteProvider.js]
>     operationProvider.storageProvider.executeQuery
>     [IndexedDbProvider.min.js, IndexedDbProvider.js]
>     f.storageProvider.executeQuery [jaydata.min.js]
>     command.executeQuery [SqLiteProvider.js]
>     e.entityContext.executeQuery [jaydata.min.js]
>     data.QueryCache.executeQuery [jaydata.min.js]
>     g.executeQuery [SqLiteProvider.min.js]
>     a.executeQuery [jaydata.min.js]
>     this.entityContext.executeQuery [jaydata.min.js]
>
>     There is no explanation of the category of vulnerability or how to
>     reproduce it. I think this is the result of an automatic code
>     scanner and just a mistake, but no one has answered in the
>     comments to the issue.
>
>     Has anyone encountered a problem like this? How do I solve it?
>
>     Content ID 000000004857
>     Defect ID 2218460
>     _______________________________________________
>     Application-dev mailing list
>     Application-dev at lists.tizen.org
>     https://lists.tizen.org/listinfo/application-dev
>
>
>
> -- 
> ----------------------------------
> Вячеслав Зайцев  www.interfaced.ru
> +7-3822-93-81-74   slava at ifaced.ru
> http://linkedin.com/in/vyatcheslav
> ----------------------------------
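The scanner in this thread reported every call site whose method was named "executeQuery", without saying whether the SQL text at that site is actually built from user-controlled data. Paul's point is that the distinction that matters is between a statement whose text is fixed and whose values are bound separately (the prepared-statement form) and one assembled by concatenation. The following is an added example, not Tizen's certification scanner and not JayData code: a small heuristic triage script that finds executeQuery/executeSql call sites in JavaScript source and classifies the SQL argument by its shape. The sample source lines it scans are constructed for the example; the executeSql(sql, params, ...) call shape is WebSQL's, and the executeQuery(sql) shape is assumed for illustration.

```javascript
// Heuristic triage of SQL sink call sites in JavaScript source.
// Added example: not Tizen's scanner and not JayData's code. It only inspects the
// textual shape of the first argument, so it can separate "needs a human look"
// (concatenation) from "looks like a prepared statement" (a plain literal).

// Sink method names taken from the scanner output quoted in the thread
// (executeQuery) plus WebSQL's executeSql. Assumed, not a complete list.
const SQL_SINKS = /\b(executeQuery|executeSql)\s*\(/;

// Classify the first argument of a sink call.
//   "literal"      - one quoted string, no concatenation: prepared-statement shape
//   "concatenated" - built with + or a template literal with ${...}: review it
//   "dynamic"      - a variable or expression: trace where the text comes from
function classifySqlArgument(arg) {
  const a = arg.trim();
  // A single '...' or "..." string with no trailing operators.
  if (/^(['"])(?:\\.|(?!\1).)*\1$/.test(a)) return "literal";
  // A template literal is only a fixed string when it has no ${} placeholders.
  if (/^`[^`]*`$/.test(a)) return a.includes("${") ? "concatenated" : "literal";
  if (a.includes("+")) return "concatenated";
  return "dynamic";
}

// Return the text of the first argument starting just after the opening
// parenthesis at openParenIdx, honouring nested parentheses and quoted strings
// so a comma inside the SQL text does not end the argument early.
function firstArgument(src, openParenIdx) {
  let depth = 0;
  let quote = null;
  const start = openParenIdx + 1;
  for (let i = start; i < src.length; i++) {
    const c = src[i];
    if (quote) {
      if (c === "\\") { i++; continue; }   // skip escaped character
      if (c === quote) quote = null;
      continue;
    }
    if (c === "'" || c === '"' || c === "`") { quote = c; continue; }
    if (c === "(") depth++;
    else if (c === ")") {
      if (depth === 0) return src.slice(start, i);
      depth--;
    } else if (c === "," && depth === 0) return src.slice(start, i);
  }
  return src.slice(start);
}

// Scan source text line by line; one finding per line that contains a sink call.
function scanSource(source) {
  const findings = [];
  source.split("\n").forEach((line, idx) => {
    const m = SQL_SINKS.exec(line);
    if (!m) return;
    const openIdx = m.index + m[0].length - 1;   // index of the "("
    const arg = firstArgument(line, openIdx);
    findings.push({
      line: idx + 1,
      method: m[1],
      verdict: classifySqlArgument(arg),
      arg: arg.trim(),
    });
  });
  return findings;
}

// Constructed sample source (not from the thread). Line 1 is the concatenation
// Paul warns about; line 2 is the same query as a prepared statement with a
// bound parameter; line 3 hides the concatenation in a template literal;
// lines 4 and 5 pass a variable, which a name-only scanner cannot judge.
const SAMPLE = [
  `tx.executeSql("SELECT * FROM Users WHERE name = '" + name + "'", [], ok, err);`,
  "tx.executeSql('SELECT * FROM Users WHERE name = ?', [name], ok, err);",
  "tx.executeSql(`SELECT * FROM Users WHERE id = ${id}`, [], ok, err);",
  "cmd.executeQuery(sql, callback);",
  "this.entityContext.executeQuery(query);",
].join("\n");

// Stand-alone run: print the triage table.
for (const f of scanSource(SAMPLE)) {
  console.log(`line ${f.line}: ${f.method} -> ${f.verdict}  ${f.arg}`);
}
```

A "literal" verdict only says the call site itself does not concatenate; a SQL string assembled earlier and passed in a variable comes back as "dynamic" and still has to be traced to where it is built, which is exactly the work the scanner's method-name listing leaves to the developer.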