django-raw-sql (S611)

Derived from the flake8-bandit linter.

What it does

Checks for uses of Django's RawSQL function.

Why is this bad?

Django's RawSQL function can be used to execute arbitrary SQL queries, which can in turn lead to SQL injection vulnerabilities.

Example

from django.db.models.expressions import RawSQL
from django.contrib.auth.models import User

User.objects.annotate(val=("%secure" % "nos", []))

References

• Django documentation: SQL injection protection
• Common Weakness Enumeration: CWE-89