How to fix Sonar "SQL queries should not be vulnerable to injection attacks" on C#


Sonar rule link: https://rules.sonarsource.com/csharp/RSPEC-3649

I have a SQL string that takes the DB name as a parameter. It's like: UPDATE [@DBNAME].[dbo].[MyTable] SET [Column]='1'

Sonar doesn't accept this string but I can't give DB name as SqlCommand parameter.

Does anyone have an idea how to fix this?

I am looking for a solution other than suppressing or turning off Sonar Analysis.

P.S.: I use SQL Server 2012.

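One way to keep the database name out of the SQL text, as an added example that is not part of the original post: the requested name is checked against an allow-list and applied through the connection's `InitialCatalog`, so the statement sent to the server is a constant string. The class and method names, the allow-list entries, the base connection string and the use of the `System.Data.SqlClient` provider are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Data.SqlClient;

public static class MyTableUpdater
{
    // Hypothetical allow-list: the only databases this code may ever target.
    private static readonly List<string> AllowedDatabases =
        new List<string> { "TenantA", "TenantB" };

    // Constant statement from the question, minus the [@DBNAME] prefix.
    // No caller-supplied text is ever concatenated into it.
    private const string UpdateSql = "UPDATE [dbo].[MyTable] SET [Column]='1'";

    // Returns the allow-listed spelling of the name; throws for anything else
    // (including null), so the caller's string is never used directly.
    public static string ResolveDatabase(string requested)
    {
        foreach (string name in AllowedDatabases)
        {
            if (string.Equals(name, requested, StringComparison.OrdinalIgnoreCase))
                return name;
        }
        throw new ArgumentException("Database is not on the allow-list.", nameof(requested));
    }

    public static int MarkRows(string baseConnectionString, string requestedDatabase)
    {
        // The database is selected through the connection, not through SQL text.
        // SqlConnectionStringBuilder also escapes the value inside the
        // connection string, so it cannot add extra connection keywords.
        var builder = new SqlConnectionStringBuilder(baseConnectionString)
        {
            InitialCatalog = ResolveDatabase(requestedDatabase)
        };

        using (var connection = new SqlConnection(builder.ConnectionString))
        using (var command = new SqlCommand(UpdateSql, connection))
        {
            connection.Open();
            return command.ExecuteNonQuery(); // number of rows updated
        }
    }
}
```

If the connection must stay open across several databases, `SqlConnection.ChangeDatabase` with the resolved name achieves the same separation between identifier and statement text.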