# File lib/brakeman/checks/check_dynamic_finders.rb, line 17
  def process_result result
    return unless original? result

    call = result[:call]

    if potentially_dangerous? call.method
      call.each_arg do |arg|
        if params? arg and not safe_call? arg
          warn :result => result,
            :warning_type => "SQL Injection",
            :warning_code => :sql_injection_dynamic_finder,
            :message => "MySQL integer conversion may cause 0 to match any string",
            :confidence => :medium,
            :user_input => arg

          break
        end
      end
    end
  end