SenseTime-Copilot/Raccoon

[Need Improvement]

Opened this issue · 0 comments

Type: Bug

Your question

Is there an error?

        StringBuilder sqlB = new StringBuilder();
        sqlB.AppendLine("INSERT INTO users (username, nickname, email, phone, password) VALUES (@username, @nickname, @email, @phone, @password)");
        // int count = Convert.ToInt32(BC_MySqlUtils.ExecuteSQL(sqlB.ToString()));
        int count = Convert.ToInt32(BC_MySqlUtils.ExecuteSQLGetScalar(sqlB.ToString()));

Raccoon's answer

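Hello, based on the code you provided, I have the following suggestions:

  1. Parameterized queries: you have already used parameter placeholders (such as @username), but the code does not bind any parameters. Parameterized queries can prevent SQL injection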

Raccoon's error

Inappropriate input/output rejected for security reasons

Your expectation

Extension version: 0.67.0
VS Code version: Code 1.87.2 (863d2581ecda6849923a2118d93a088b0745d9d6, 2024-03-08T15:20:17.278Z)
OS version: Windows_NT x64 10.0.19045
Modes:

System Info
Item Value
CPUs Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz (12 x 2592)
GPU Status 2d_canvas: enabled
canvas_oop_rasterization: enabled_on
direct_rendering_display_compositor: disabled_off_ok
gpu_compositing: enabled
multiple_raster_threads: enabled_on
opengl: enabled_on
rasterization: enabled
raw_draw: disabled_off_ok
skia_graphite: disabled_off
video_decode: enabled
video_encode: enabled
vulkan: disabled_off
webgl: enabled
webgl2: enabled
webgpu: enabled
Load (avg) undefined
Memory (System) 15.78GB (7.48GB free)
Process Argv --crash-reporter-id b7c5b287-c3e4-4e12-8d24-426f66a89601
Screen Reader no
VM 50%
A/B Experiments