github
diff --git a/‎go/ql/lib/change-notes/2023-09-12-add-int&bool-sanitizer-for-sql.md
Lines changed: 4 additions & 0 deletions b/‎go/ql/lib/change-notes/2023-09-12-add-int&bool-sanitizer-for-sql.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll
Lines changed: 9 additions & 0 deletions b/‎go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll
Lines changed: 9 additions & 0 deletions
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added Numeric and Boolean types to SQL injection sanitzers.
@@ -40,4 +40,13 @@ module SqlInjection {
 
   /** A NoSql query, considered as a taint sink for SQL injection. */
   class NoSqlQueryAsSink extends Sink instanceof NoSql::Query { }
+
+  /**
+   * A numeric- or boolean-typed node, considered a sanitizer for sql injection.
+   */
+  class NumericOrBooleanSanitizer extends Sanitizer {
+    NumericOrBooleanSanitizer() {
+      this.getType() instanceof NumericType or this.getType() instanceof BoolType
+    }
+  }
 }
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* Added Numeric and Boolean types to SQL injection sanitzers.