Hi Chamila, What is the value of SQLQuery.CHECK_EXIST_USER_DATA? Is this a constant? You can find a similar issue reported at [1].
[1] http://stackoverflow.com/questions/398179/findbugs-not-finding-potential-sql-injection-vulnerability Thanks, Rajeevan On Wed, Jun 3, 2015 at 9:57 AM, Chamila Wijayarathna <cham...@wso2.com> wrote: > Hello all, > > When profiling using Sonar, I'm getting error as in $subject (squid:S2077) > from [1]. What is the reason for this warning? how can I solve this? > > 1. > https://github.com/wso2/carbon-identity/blob/master/components/identity-mgt/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/store/JDBCIdentityDataStore.java#L92 > > Thank You! > > -- > *Chamila Dilshan Wijayarathna,* > Software Engineer > Mobile:(+94)788193620 > WSO2 Inc., http://wso2.com/ > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Vimalanathan Rajeevan Software Engineer WSO2 Inc.:http://wso2.com lean.enterprise.middleware Mobile : +94 773090875
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev