Apex class contains untrusted/unescaped variables in DML queries.
Ensure that any user-controlled variables are properly escaped and/or validated before being included in a SOQL query. If building a query dynamically, generate it with fflib's Query Builder or a similar library.
Step 1: Identify Vulnerable Apex Classes
Start by identifying the Apex class or classes where untrusted or unescaped variables are being used in DML queries. You can use Hubbl Diagnostics or work with developers to review code for vulnerabilities.
To review using Hubbl Diagnostics:
- Open your scan and select the Recommendations tab
- Select the Details sub-tab
- Select “Update code susceptible to SOQL injection” in the right-hand Recommendations list. (If you have a lot of recommendations, set the Metadata Categories to Custom Code to make it easier to find the particular recommendation)
- The details list will now contain all the impacted code
Step 2: Understand the Issue
SOQL injection occurs when an attacker can insert malicious SOQL code into a query, potentially accessing sensitive data that they should not have access to. For a general overview of injection attacks, see the Security Principles Trailhead module.
Step 3: Communicate with Your Development Team
Share your findings with the development team. Highlight the risks associated with untrusted or unescaped variables in DML queries and the importance of fixing these vulnerabilities. Develop a plan to review and update the affected code, prioritizing higher-risk instances such as code reachable by anonymous or external users, and code that runs with sharing or field-level security checks disabled.
Step 4: Testing and Validation
After the developers have made the necessary changes, perform thorough testing to ensure that the vulnerability has been effectively mitigated. This includes both functional testing to verify that the application continues to behave as expected, and security testing to confirm that the SOQL injection vulnerability has been addressed.
Step 5: Implement a Review Process for Future Development
Implement a process where all Apex code is reviewed for security vulnerabilities before being deployed to production. This might involve using automated tools as well as manual reviews.
Step 6: Education and Training
Organize training sessions for developers on secure coding practices, emphasizing the importance of preventing SOQL injection and other common security issues.
Step 7: Monitor and Audit
Use Salesforce's built-in tools and third-party security solutions, such as Hubbl Diagnostics, to continuously monitor for security vulnerabilities. Regular audits can help catch any new instances of untrusted or unescaped variables being introduced into the code.
Ensure that any user-controlled variables are properly escaped and/or validated before being included in a SOQL query. If building a query dynamically, generate it with fflib's Query Builder or a similar library.
Step 1: Review Your Apex Code
Start by carefully reviewing your Apex code to identify any instances where variables are directly concatenated into SOQL query strings or DML statements. Look for queries that dynamically construct SOQL strings using user input or other variable data. You can use Hubbl Diagnostics or the Salesforce Code Analyzer to help identify code for review.
To review using Hubbl Diagnostics:
- Open your scan and select the Recommendations tab
- Select the Details sub-tab
- Select “Update code susceptible to SOQL injection” in the right-hand Recommendations list. (If you have a lot of recommendations, set the Metadata Categories to Custom Code to make it easier to find the particular recommendation)
- The details list will now contain all the impacted code
To review using Salesforce Code Analyzer:
- Have the Salesforce CLI (“sf”) installed and a project configured with a copy of your org’s code on your local machine
- Install the Salesforce Code Analyzer plugin if it is not already installed
Refer to the Salesforce Code Analyzer documentation for a full list of commands and options.
Step 2: Understand SOQL Injection Risks
SOQL injection occurs when an attacker can insert malicious SOQL code into a query, potentially accessing sensitive data that they should not have access to.
For a general overview of injection attacks, see the Security Principles Trailhead module. For a Salesforce and SOQL-specific approach, see the Secure Server-Side Development module.
Step 3: Update code
Whenever possible, use parameterized queries to prevent SOQL injection. This means using bind variables in SOQL queries: the platform passes a bind variable as a value rather than as query text, so it can never change the structure of the query.
For dynamic SOQL queries, use String.escapeSingleQuotes() to sanitize user inputs. This method escapes single quotes, a common exploit vector in SOQL injection attacks. Note that it only protects values placed inside quoted string literals; input that becomes a field name, object name, or ORDER BY clause sits outside quotes and must instead be validated against an allowlist of permitted values.
If you are building complex dynamic queries, consider using a third-party query builder library, such as fflib’s QueryFactory, to reduce the likelihood of introducing injection vulnerabilities and to improve readability. See the Apex Enterprise Patterns: Domain & Selector Layers Trailhead module for more information.
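The following Apex class is an added example, not code from Hubbl or fflib, showing the approaches described in this step side by side on a constructed AccountSearch class: the vulnerable concatenation, a static query with a bind variable, a dynamic query that binds the value and allowlists the sort field, and the escapeSingleQuotes() fallback. It assumes Database.queryWithBinds() and AccessLevel, which are available from API version 57 onward.

```apex
public with sharing class AccountSearch {

    // Vulnerable: user input is concatenated straight into the query string.
    // A single quote in nameFragment closes the LIKE literal, and whatever
    // follows is parsed as SOQL. Kept only as the "before" for comparison.
    public static List<Account> findUnsafe(String nameFragment) {
        String soql = 'SELECT Id, Name FROM Account WHERE Name LIKE \'%'
            + nameFragment + '%\'';
        return Database.query(soql);
    }

    // Preferred fix: static SOQL with a bind variable. The platform treats
    // :pattern as a value, never as query text, so no escaping is needed.
    public static List<Account> findWithBind(String nameFragment) {
        String pattern = '%' + nameFragment + '%';
        return [SELECT Id, Name FROM Account WHERE Name LIKE :pattern];
    }

    // Dynamic SOQL that must be assembled at runtime: pass the user value
    // through a bind map (Database.queryWithBinds, API v57+) and restrict
    // the caller-chosen sort field to a fixed allowlist, because
    // escapeSingleQuotes() only protects string literals, not field or
    // object names that appear outside quotes.
    private static final Set<String> SORTABLE_FIELDS =
        new Set<String>{ 'Name', 'CreatedDate', 'LastModifiedDate' };

    public static List<Account> findDynamic(String nameFragment, String sortField) {
        if (!SORTABLE_FIELDS.contains(sortField)) {
            throw new IllegalArgumentException('Unsupported sort field');
        }
        String soql = 'SELECT Id, Name FROM Account WHERE Name LIKE :pattern'
            + ' ORDER BY ' + sortField;
        Map<String, Object> binds = new Map<String, Object>{
            'pattern' => '%' + nameFragment + '%'
        };
        return Database.queryWithBinds(soql, binds, AccessLevel.USER_MODE);
    }

    // When a value really must be spliced into the string (for example a
    // legacy query you cannot restructure yet), escape it first.
    public static List<Account> findEscaped(String nameFragment) {
        String safe = String.escapeSingleQuotes(nameFragment);
        String soql = 'SELECT Id, Name FROM Account WHERE Name LIKE \'%'
            + safe + '%\'';
        return Database.query(soql);
    }
}
```

In a unit test, call each method with a value containing a single quote and assert that findWithBind, findDynamic and findEscaped return only rows whose Name actually contains that literal text, while findUnsafe throws a QueryException or returns extra rows.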
Step 4: Testing and Validation
After making the necessary changes, perform thorough testing to ensure that the vulnerability has been effectively mitigated. This includes both security testing to confirm that the SOQL injection vulnerability has been addressed, and functional testing to verify that the application continues to behave as expected.
Step 5: Implement a Review Process for Future Development
Implement a process where all Apex code is reviewed for security vulnerabilities before being deployed to production. This might involve using automated tools as well as manual reviews.
Step 6: Review and Refactor Legacy Code
Implementing a review process will help prevent any new issues from being introduced, but legacy code in the org may still need to be addressed. Develop a plan to review and refactor legacy Apex code to ensure it adheres to current best practices for security, especially concerning SOQL injection protection.
Step 7: Stay Informed on Security Best Practices
Stay updated with Salesforce's security guidelines and best practices. Salesforce frequently updates its documentation and recommendations based on evolving security threats.
Step 8: Monitor and Audit
Use Salesforce's built-in tools and third-party security solutions to continuously monitor for security vulnerabilities. Regular audits can help catch any new instances of untrusted or unescaped variables being introduced into the code. Consider implementing automated scanning as part of your code review process, either through third-party services, such as Hubbl Diagnostics, or custom scripting.
This solution was generated using AI and quality-checked by Hubbl humans.