
mcp-server-semgrep


MCP Server for Semgrep Integration - static code analysis with AI

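// Semgrep rule test fixture for `tainted-sql-string`.
//
// Every `/test*` handler builds a SQL string from `req.query` and passes it to
// `sequelize.query()`. That is SQL injection on purpose: the rule needs
// something to match. The `/ok*` handlers build ordinary response strings from
// the same input and are expected to produce no finding.
//
// The `// ruleid:` and `// ok:` annotations are read by Semgrep's test runner
// and apply to the line that follows them, so each one has to stay directly
// above its target line. Each handler exercises a different way of building
// the string (`+`, template literal, `.concat()`, `util.format()`); keep those
// forms as they are.
//
// Outside a fixture, user input belongs in the `replacements` or `bind` option
// of `sequelize.query()`, never in the SQL text itself.
const express = require('express')
const app = express()
const port = 3000
const { Sequelize } = require('sequelize');
const sequelize = new Sequelize('sqlite::memory:')
const util = require('util')

// The `/test*` handlers are declared `async` because they `await` the query;
// `await` inside a plain arrow function is a syntax error.

// String concatenation assigned to a variable, then queried.
app.get('/test', async (req, res) => {
  // ruleid: tainted-sql-string
  const query = "SELECT * FROM `users`" + " WHERE id = '" + req.query.message + "'"
  const [results, metadata] = await sequelize.query(query);
  res.send(results)
})

// String concatenation written inline in the query call.
app.get('/test1', async (req, res) => {
  // ruleid: tainted-sql-string
  const [results, metadata] = await sequelize.query("SELECT * FROM `users`" + " WHERE id = '" + req.query.message + "'");
  res.send(results)
})

// Template literal interpolation.
app.get('/test2', async (req, res) => {
  // ruleid: tainted-sql-string
  let query = `SELECT * FROM users WHERE id = '${req.query.message}'`
  const [results, metadata] = await sequelize.query(query);
  res.send(results)
})

// Incremental build with String.prototype.concat; the finding is expected on
// the line that appends the request value.
app.get('/test3', async (req, res) => {
  let query = "SELECT * FROM `users` WHERE id = '"
  // ruleid: tainted-sql-string
  query = query.concat(req.query.message)
  query = query.concat("'")
  const [results, metadata] = await sequelize.query(query);
  res.send(results)
})

// util.format with the request value as a SELECT predicate.
app.get('/test4', async (req, res) => {
  // ruleid: tainted-sql-string
  const query = util.format("SELECT * FROM users WHERE id = '%s'", req.query.message)
  const [results, metadata] = await sequelize.query(query);
  res.send(results)
})

// util.format with the request value as an UPDATE predicate.
app.get('/test5', async (req, res) => {
  // ruleid: tainted-sql-string
  const query = util.format("UPDATE User SET name = '' WHERE id = '%s'", req.query.message)
  const [results, metadata] = await sequelize.query(query);
  res.send(results)
})

// util.format with the request value as the table name. An identifier cannot
// be sent as a bound parameter; real code would map the input onto a fixed
// allow-list of table names.
app.get('/test6', async (req, res) => {
  // ruleid: tainted-sql-string
  const query = util.format("UPDATE %s SET name = '' WHERE id = 0", req.query.table)
  const [results, metadata] = await sequelize.query(query);
  res.send(results)
})

// Negative cases: the same input and the same string-building forms, but the
// result is a response body, not SQL.

app.get('/ok', async (req, res) => {
  // ok: tainted-sql-string
  res.send("message: " + req.query.message);
})

app.post('/ok2', async (req, res) => {
  // ok: tainted-sql-string
  res.send(`message: ${req.query.message}`);
})

app.post('/ok3', async (req, res) => {
  // ok: tainted-sql-string
  var data = "message: " + req.query.message;
  res.send(data);
})

app.post('/ok4', async (req, res) => {
  var data = "message: "
  // ok: tainted-sql-string
  data = data.concat(req.query.message)
  res.send(data);
})

// The literal contains the word "update" without being a SQL statement.
app.post('/ok5', async (req, res) => {
  // ok: tainted-sql-string
  var data = "This is an update message: " + req.query.message
  res.send(data);
})

app.listen(port, () => console.log(`Example app listening at http://localhost:${port}`))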