
Tutorial 1. Write your first InternalFluentTQL specification

Ranjith K edited this page Sep 4, 2020 · 23 revisions

Let's start with a simple SQL injection example. The code below contains an SQL injection: user input read from `Scanner.nextLine()` (the source) is concatenated into a query string that is handed to `Statement.executeQuery()` (the sink) without going through the sanitizer. Note that the tutorial uses the OWASP Java HTML Sanitizer only as a stand-in sanitizer for the taint specification; an HTML policy does not neutralize SQL syntax (an input such as `2 OR 1=1` passes through it unchanged), so in real code the fix is a parameterized `PreparedStatement`, not an HTML sanitizer.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;

import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;

public class SimpleSQLInjection {

    public static ResultSet getEmployeeInformationWithSanitizer() throws SQLException {
        Scanner mySC = new Scanner(System.in);

        // Source: nextLine() reads untrusted input from the user; its return value is tainted.
        String employeeID = mySC.nextLine();

        mySC.close();

        PolicyFactory POLICY_DEFINITION = new HtmlPolicyBuilder().toFactory();

        // Sanitizer: sanitize() is the method the specification treats as the sanitizer.
        // With this line uncommented the tainted flow from nextLine() to executeQuery() is
        // interrupted and the specification should no longer report a finding.
        //employeeID = POLICY_DEFINITION.sanitize(employeeID);

        Connection myConnection = DriverManager.getConnection("jdbc:hsqldb:mem:EMPLOYEES", "test", "test");
        Statement myStatement = myConnection.createStatement();

        // Sink: executeQuery() performs the sensitive operation; the tainted string becomes part of the SQL text.
        ResultSet queryResult = myStatement.executeQuery("SELECT * FROM EMPLOYEE where EID = " + employeeID);

        return queryResult;

    }
}
```
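To make the security point concrete before writing the specification, here is the tutorial's vulnerable concatenation beside a hardened `PreparedStatement` version, run against the same in-memory HSQLDB database. This is an added example, not code from the SecuCheck wiki; it assumes the HSQLDB driver (`org.hsqldb:hsqldb`) is on the classpath, which the tutorial's `jdbc:hsqldb:mem` URL already implies, and the table contents and the attacker input `2 OR 1=1` are constructed for the demonstration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

// Added example (not part of the SecuCheck wiki). Assumes the HSQLDB driver is on the classpath.
public class SimpleSQLInjectionFixed {

    // Vulnerable form from the tutorial: the tainted string is spliced into the SQL text,
    // so "2 OR 1=1" changes the query's meaning and returns every row.
    static int countVulnerable(Connection c, String employeeID) throws SQLException {
        try (Statement st = c.createStatement();
             ResultSet rs = st.executeQuery("SELECT * FROM EMPLOYEE WHERE EID = " + employeeID)) {
            return countRows(rs);
        }
    }

    // Hardened form: the SQL text is a constant and the value is bound as a typed parameter.
    // Input that is not a number is rejected before it reaches the database at all.
    static int countHardened(Connection c, String employeeID) throws SQLException {
        int eid;
        try {
            eid = Integer.parseInt(employeeID.trim());
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("employee ID must be numeric: " + employeeID);
        }
        try (PreparedStatement ps = c.prepareStatement("SELECT * FROM EMPLOYEE WHERE EID = ?")) {
            ps.setInt(1, eid);
            try (ResultSet rs = ps.executeQuery()) {
                return countRows(rs);
            }
        }
    }

    static int countRows(ResultSet rs) throws SQLException {
        int n = 0;
        while (rs.next()) {
            n++;
        }
        return n;
    }

    public static void main(String[] args) throws SQLException {
        try (Connection c = DriverManager.getConnection("jdbc:hsqldb:mem:EMPLOYEES", "test", "test");
             Statement st = c.createStatement()) {
            // Constructed sample data for the demonstration.
            st.execute("CREATE TABLE EMPLOYEE (EID INTEGER PRIMARY KEY, NAME VARCHAR(64))");
            st.execute("INSERT INTO EMPLOYEE VALUES (1, 'alice'), (2, 'bob'), (3, 'carol')");

            String benign = "2";
            String malicious = "2 OR 1=1"; // constructed attacker input

            System.out.println("vulnerable, benign input:    " + countVulnerable(c, benign) + " row(s)");
            System.out.println("vulnerable, malicious input: " + countVulnerable(c, malicious) + " row(s)");
            System.out.println("hardened, benign input:      " + countHardened(c, benign) + " row(s)");
            try {
                countHardened(c, malicious);
            } catch (IllegalArgumentException e) {
                System.out.println("hardened, malicious input:   rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

From the taint-analysis point of view this is the difference between a sink whose tainted argument is the SQL text (`executeQuery(String)`) and a sink whose tainted argument is a bound parameter value (`setInt`/`setString` on a `PreparedStatement`), which is why the sink declared in the specification below is `Statement.executeQuery` and not the prepared-statement methods.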

An InternalFluentTQL specification is a Java class that implements `de.fraunhofer.iem.secucheck.InternalFluentTQL.fluentInterface.SpecificationInterface.FluentTQLUserInterface`:

```java
import de.fraunhofer.iem.secucheck.InternalFluentTQL.fluentInterface.SpecificationInterface.FluentTQLUserInterface;

public class SimpleSQLInjectionSpec implements FluentTQLUserInterface {
    // the method declarations and the taint-flow query are added inside this class (continued below)
```

All of these methods (the source, the sanitizer, any required propagators, and the sink) have to be declared in InternalFluentTQL before they can be used in a taint-flow query. The example below shows how to define a method.