SQLScript Scan rules
Contrast Scan supports these rules for SQLScript.
Severity | Contrast rule | Engine rule ID | Description |
---|---|---|---|
Critical | SQL Injection | OPT.HANA.SEC.SqlInjection | SqlInjection: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
Critical | Avoid Trace In Production | OPT.HANA.EFFICIENCY.AvoidTraceInProduction | AvoidTraceInProduction: Avoid TRACE in production code. |
Critical | Deeply Nested Subqueries | OPT.HANA.EFFICIENCY.DeeplyNestedSubqueries | DeeplyNestedSubqueries: Deeply nested subqueries. |
Critical | Use Of Calculation Engine Operator | OPT.HANA.EFFICIENCY.UseOfCalculationEngineOperator | UseOfCalculationEngineOperator: Use of HANA Calculation Engine Plan Operators (CE Functions). |
Critical | Excessive Privileges Granted | OPT.HANA.SEC.ExcessivePrivilegesGranted | ExcessivePrivilegesGranted: Excessive privileges granted. |
High | Non Trivial Subquery | OPT.HANA.EFFICIENCY.NonTrivialSubquery | NonTrivialSubquery: Non-trivial subqueries. |
High | Select In Scalar Function | OPT.HANA.EFFICIENCY.SelectInScalarFunction | SelectInScalarFunction: SELECT ... INTO in scalar function. |
High | Improper Parameter Usage | OPT.HANA.RELIABILITY.ImproperParameterUsage | ImproperParameterUsage: Improper parameter usage. |
High | Forbidden Call | OPT.HANA.SEC.ForbiddenCall | ForbiddenCall: Call to unsafe or dangerous procedure / function. |
Medium | Avoid Using Cursors | OPT.HANA.EFFICIENCY.AvoidUsingCursors | AvoidUsingCursors: Avoid Using Cursors. |
Medium | Modification Statement In Loop | OPT.HANA.EFFICIENCY.ModificationStatementInLoop | ModificationStatementInLoop: Data modification statement in a loop. |
Medium | Reads SQL Data Not Specified | OPT.HANA.EFFICIENCY.ReadsSqlDataNotSpecified | ReadsSqlDataNotSpecified: Specify READS SQL DATA for side-effect free procedures. |
Medium | Unused Variable | OPT.HANA.EFFICIENCY.UnusedVariable | UnusedVariable: Unused local variable. |
Medium | Use Of Uninitialized Var | OPT.HANA.RELIABILITY.UseOfUninitializedVar | UseOfUninitializedVar: Use of uninitialized variable. |
Low | Language Not Specified | OPT.HANA.MAINTAINABILITY.LanguageNotSpecified | LanguageNotSpecified: LANGUAGE not specified. |
Low | Unused Condition | OPT.HANA.MAINTAINABILITY.UnusedCondition | UnusedCondition: Unused Error Condition. |
Low | Non Custom Error Code | OPT.HANA.RELIABILITY.NonCustomErrorCode | NonCustomErrorCode: Use of non-custom SQL Error Code. |