• This repository has been archived on 21/Sep/2021
• Stars: 563
• Rank: 79,150 (Top 2 %)
• Language: Go
• License: MIT License
• Created almost 10 years ago
• Updated about 3 years ago


Repository Details

Static analysis tool for Golang that protects against SQL injections

This project is deprecated and is no longer being actively maintained.

SafeSQL

SafeSQL is a static analysis tool for Go that protects against SQL injections.

Usage

$ go get github.com/stripe/safesql

(On Go 1.18 and later, where go get no longer builds and installs binaries, use go install github.com/stripe/safesql@latest instead.)

$ safesql
Usage: safesql [-q] [-v] package1 [package2 ...]
  -q=false: Only print on failure
  -v=false: Verbose mode

$ safesql example.com/an/unsafe/package
Found 1 potentially unsafe SQL statements:
- /Users/alice/go/src/example.com/an/unsafe/package/db.go:14:19
Please ensure that all SQL queries you use are compile-time constants.
You should always use parameterized queries or prepared statements
instead of building queries from strings.

$ safesql example.com/a/safe/package
You're safe from SQL injection! Yay \o/

How does it work?

SafeSQL uses the static analysis utilities in golang.org/x/tools (go/tools) to search for all call sites of each of the query functions in the packages database/sql, github.com/jinzhu/gorm and github.com/jmoiron/sqlx (i.e., functions which accept a parameter named query or sql). It then makes sure that every such call site uses a query that is a compile-time constant.

The principle behind SafeSQL's safety guarantees is that queries that are compile-time constants cannot be subverted by user-supplied data: they must either incorporate no user-controlled values, or incorporate them using the package's safe placeholder mechanism. In particular, call sites which build up SQL statements via fmt.Sprintf, string concatenation or any other runtime mechanism are reported.

False positives

If SafeSQL passes, your application is free from SQL injections through the query functions it recognises (modulo bugs in the tool; queries issued through packages SafeSQL does not know about are not checked). However, there are a great many safe programs which SafeSQL will declare potentially unsafe. These false positives fall roughly into two buckets:

First, SafeSQL does not currently recursively trace functions through the call graph. If you have a function that looks like this:

func MyQuery(query string, args ...interface{}) (*sql.Rows, error) {
        return globalDBObject.Query(query, args...)
}

and only call MyQuery with compile-time constants, your program is safe; however SafeSQL will report that (*database/sql.DB).Query is called with a non-constant parameter (namely the parameter to MyQuery). This is by no means a fundamental limitation: SafeSQL could recursively trace the query argument through every intervening helper function to ensure that its argument is always constant, but this code has yet to be written.

The second sort of false positive stems from a limitation in the kind of analysis SafeSQL performs: there are many safe SQL statements which are not feasible (or not possible) to represent as compile-time constants. Accepting those would require more advanced static analysis techniques, such as taint analysis.

In order to ignore false positives, add the following comment to the line before or the same line as the statement:

//nolint:safesql

An ignored statement is still logged, but it does not by itself cause safesql to exit with status 1: the exit status is 1 only if at least one of the found statements is not ignored.
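As an added example, not SafeSQL's own code (SafeSQL analyses whole packages in SSA form with type information via golang.org/x/tools), here is a single-file, syntactic approximation in Go of the rule described under "How does it work?". It also reproduces the pass-through false positive and the nolint:safesql exit-status semantics described above. The set of sink method names, the sample file and its line positions are assumptions constructed for this example.

```go
// Added example, not SafeSQL's own code: a single-file, syntactic approximation of the
// check SafeSQL performs (SafeSQL works on whole packages in SSA form with type info).
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"strings"
)

// Sink methods by name (assumed set). Without types, stmt.Query(arg) on a *sql.Stmt is
// reported too; SafeSQL resolves the receiver type and does not make that mistake.
var queryFuncs = map[string]bool{"Query": true, "QueryRow": true, "Exec": true, "Prepare": true}

// Finding is a sink call whose query argument is not a compile-time constant.
type Finding struct {
	Line    int
	Ignored bool // a //nolint:safesql comment sits on this line or the one before
}

// isConst applies the README's rule: literals, const identifiers and concatenations
// of them pass; parameters, variables and calls such as fmt.Sprintf do not.
func isConst(expr ast.Expr) bool {
	switch e := expr.(type) {
	case *ast.BasicLit:
		return e.Kind == token.STRING
	case *ast.BinaryExpr:
		return e.Op == token.ADD && isConst(e.X) && isConst(e.Y)
	case *ast.Ident: // go/parser resolves idents within one file; ast.Con marks a const
		return e.Obj != nil && e.Obj.Kind == ast.Con
	}
	return false
}

// Check parses src and returns, in source order, every sink call whose first
// argument (the query) is not constant, marking those covered by nolint:safesql.
func Check(filename, src string) ([]Finding, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, filename, src, parser.ParseComments)
	if err != nil {
		return nil, err
	}
	nolint := map[int]bool{} // lines carrying a nolint:safesql comment (raw text; CommentGroup.Text drops directives)
	for _, cg := range f.Comments {
		for _, c := range cg.List {
			if strings.Contains(c.Text, "nolint:safesql") {
				nolint[fset.Position(c.Pos()).Line] = true
			}
		}
	}
	var findings []Finding
	ast.Inspect(f, func(n ast.Node) bool {
		call, _ := n.(*ast.CallExpr)
		if call == nil {
			return true
		}
		sel, _ := call.Fun.(*ast.SelectorExpr)
		if sel == nil || !queryFuncs[sel.Sel.Name] || len(call.Args) == 0 {
			return true
		}
		if !isConst(call.Args[0]) {
			line := fset.Position(call.Args[0].Pos()).Line
			findings = append(findings, Finding{line, nolint[line] || nolint[line-1]})
		}
		return true
	})
	return findings, nil
}

// ExitStatus mirrors SafeSQL: ignored findings are still reported, but the status
// is 1 only if at least one finding is not ignored.
func ExitStatus(findings []Finding) int {
	for _, f := range findings {
		if !f.Ignored {
			return 1
		}
	}
	return 0
}

// sample is constructed input modelled on the README's examples, not project code.
const sample = `package example
import ("database/sql"; "fmt")
const byID = "SELECT name FROM users WHERE id = $1"
var db *sql.DB
// Safe: constant query, user data is a bound parameter.
func GetName(id int) *sql.Row { return db.QueryRow(byID, id) }
// Unsafe: query assembled from a caller-controlled string.
func Search(name string) (*sql.Rows, error) {
	return db.Query("SELECT * FROM users WHERE name = '" + name + "'")
}
// Unsafe: fmt.Sprintf is not a compile-time constant either.
func Count(table string) *sql.Row { return db.QueryRow(fmt.Sprintf("SELECT count(*) FROM %s", table)) }
// The README's false positive: a pass-through helper, suppressed with nolint.
func MyQuery(query string, args ...interface{}) (*sql.Rows, error) {
	return db.Query(query, args...) //nolint:safesql
}
`

func main() {
	findings, err := Check("db.go", sample)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v exit=%d\n", findings, ExitStatus(findings))
}
```

Running it reports the concatenated query in Search and the fmt.Sprintf call in Count as findings, lists the MyQuery call as found-but-ignored, and exits 1 because two findings are not ignored; with only the nolint'd call present the status would be 0. The toy is deliberately narrower than SafeSQL: it matches sinks by method name only, looks at one file at a time (a const declared in a sibling file of the package is reported as non-constant), and knows nothing about sqlx or gorm, so a clean run here says less than a clean run of the real tool.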

Adding tests

To add a test, create a new directory in testdata and add a Go program in the folder you created; for an example, look at testdata/multiple_files.

After adding a new directory and go program, add an entry to the tests map in safesql_test.go, which will run the tests against the program added.
