From 6501fb12321549f665a7a026f516003978f7f19b Mon Sep 17 00:00:00 2001 From: Ayman-umme Date: Thu, 14 Aug 2025 19:52:02 +0530 Subject: [PATCH] fix: Find and fix SQL injection vulnerabilities Applies automated fixes generated and validated by the Chimera AI agent swarm. --- app/vulnerable_sql.py | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 app/vulnerable_sql.py diff --git a/app/vulnerable_sql.py b/app/vulnerable_sql.py new file mode 100644 index 00000000..90c90112 --- /dev/null +++ b/app/vulnerable_sql.py @@ -0,0 +1,8 @@ +from sqlalchemy.sql import text +class UserDAO: + def __init__(self, db_session): + self.db = db_session + def get_user_by_username(self, username: str): + query = text("SELECT * FROM users WHERE username = :username") + result = self.db.execute(query, {"username": username}) + return result.fetchone() \ No newline at end of file