Module: Aikido::Zen::Sinks::SQLite3

Defined in:
lib/aikido/zen/sinks/sqlite3.rb

Defined Under Namespace

Modules: Helpers

Constant Summary

SINK =
Sinks.add("sqlite3", scanners: [Scanners::SQLInjectionScanner])

Class Method Summary

Class Method Details

.load_sinks! ⇒ Object



# File 'lib/aikido/zen/sinks/sqlite3.rb', line 18

# Installs the Zen SQL sinks on the sqlite3 gem's classes.
#
# Returns nil without touching anything unless Aikido::Zen.satisfy accepts
# the "sqlite3" / ">= 1.0" requirement; the gem is only required after that
# check passes.
#
# Two hooks are registered through Sinks::DSL. Each hands the SQL text to
# Helpers.scan together with an operation label:
#   * SQLite3::Database#exec_batch  -> "exec_batch"
#   * SQLite3::Statement#initialize -> "statement.execute"
#
# Only the SQL string is passed to Helpers.scan; no bind values are visible
# at either hook.
# NOTE(review): Helpers.scan is defined elsewhere; presumably it runs the
# scanners registered on SINK (Scanners::SQLInjectionScanner) - confirm, and
# confirm whether a finding raises or is only reported.
def self.load_sinks!
  return unless Aikido::Zen.satisfy("sqlite3", ">= 1.0")

  require "sqlite3"

  ::SQLite3::Database.class_eval do
    extend Sinks::DSL

    # exec_batch is a private, native, internal method of SQLite3::Database,
    # so the hook is declared under `private`.
    # NOTE(review): presumably this keeps the wrapped method private - verify
    # against Sinks::DSL.
    private

    sink_before(:exec_batch) { |sql| Helpers.scan(sql, "exec_batch") }
  end

  ::SQLite3::Statement.class_eval do
    extend Sinks::DSL

    # The hook is attached to the constructor, so the SQL text is scanned
    # when the Statement object is built; the database handle (first
    # argument) is ignored. The label reported is "statement.execute".
    sink_before(:initialize) { |_db, sql| Helpers.scan(sql, "statement.execute") }
  end
end