diff --git a/rules/sql.go b/rules/sql.go
index 42ace6c..622c2fe 100644
--- a/rules/sql.go
+++ b/rules/sql.go
@@ -191,6 +191,11 @@ func (s *sqlStrConcat) checkQuery(call *ast.CallExpr, ctx *gosec.Context) (*issu
 			if injection := s.findInjectionInBranch(ctx, decl.Rhs); injection != nil {
 				return ctx.NewIssue(injection, s.ID(), s.What, s.Severity, s.Confidence), nil
 			}
+		case *ast.ValueSpec:
+			// handle: var query string = "SELECT ...'" + user
+			if injection := s.findInjectionInBranch(ctx, decl.Values); injection != nil {
+				return ctx.NewIssue(injection, s.ID(), s.What, s.Severity, s.Confidence), nil
+			}
 		}
 	}
 
diff --git a/testutils/g202_samples.go b/testutils/g202_samples.go
index 711d59d..58a153a 100644
--- a/testutils/g202_samples.go
+++ b/testutils/g202_samples.go
@@ -308,4 +308,32 @@ func main() {
 	fmt.Println(result)
 }
 `}, 0, gosec.NewConfig()},
+	{[]string{`
+package main
+
+import (
+	"database/sql"
+	"fmt"
+	_ "github.com/lib/pq"
+)
+
+func main() {
+	db, err := sql.Open("postgres", "user=postgres password=password dbname=mydb sslmode=disable")
+	if err!= nil {
+		panic(err)
+	}
+	defer db.Close()
+
+	var username string
+	fmt.Println("请输入用户名:")
+	fmt.Scanln(&username)
+
+	var query string = "SELECT * FROM users WHERE username = '" + username + "'"
+	rows, err := db.Query(query)
+	if err!= nil {
+		panic(err)
+	}
+	defer rows.Close()
+}
+`}, 1, gosec.NewConfig()},
 }
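Review bot: The new `case *ast.ValueSpec:` hands every initializer in `decl.Values` to `findInjectionInBranch`, so for a multi-name spec such as `var query, other string = "SELECT ...", "x" + user` a concatenation that belongs to `other` would presumably be reported against `query`, depending on how findInjectionInBranch walks the slice. When `len(decl.Names) == len(decl.Values)` the initializer of the identifier being resolved can be selected by its position in `decl.Names`; the `*ast.AssignStmt` case just above has the same shape with `decl.Lhs`/`decl.Rhs` and would benefit from the same narrowing. A `var query string` with no initializer leaves `decl.Values` empty, which is fine as long as findInjectionInBranch tolerates an empty slice, as it presumably already must for `decl.Rhs`. checkQuery's signature and the type switch begin above the hunk and the function continues below it, so the identifier variable the switch was resolved from is not visible here and is named `queryIdent` as a placeholder in the sketch below.
```go
case *ast.ValueSpec:
	// handle: var query string = "SELECT ...'" + user
	// Narrow to the initializer of the identifier being resolved when the
	// spec declares several names; otherwise fall back to all values.
	values := decl.Values
	if len(decl.Names) == len(decl.Values) {
		for i, name := range decl.Names {
			if name.Obj == queryIdent.Obj { // queryIdent: placeholder for the *ast.Ident resolved above the hunk
				values = decl.Values[i : i+1]
				break
			}
		}
	}
	if injection := s.findInjectionInBranch(ctx, values); injection != nil {
		return ctx.NewIssue(injection, s.ID(), s.What, s.Severity, s.Confidence), nil
	}
```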
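Review bot: The new sample pins only the positive case (expected count 1), so nothing guards the `*ast.ValueSpec` branch against over-reporting: a sibling entry with a constant-only initializer, `var query string = "SELECT * FROM users WHERE id = 1"`, and an expected count of 0 would catch a false-positive regression, and a spec with two names where only the non-query sibling is concatenated would be worth a case as well. Two smaller points in the embedded program: `if err!= nil` (both occurrences) is not gofmt-formatted, and the prompt `fmt.Println("请输入用户名:")` is the only non-English literal in the fixture code visible here — `fmt.Println("Enter username:")` would read consistently with the rest. The samples slice this entry belongs to opens above the hunk.
```go
// … unchanged: positive sample added by this commit …
{[]string{`
package main

import (
	"database/sql"
	"fmt"
	_ "github.com/lib/pq"
)

func main() {
	db, err := sql.Open("postgres", "user=postgres password=password dbname=mydb sslmode=disable")
	if err != nil {
		panic(err)
	}
	defer db.Close()

	var query string = "SELECT * FROM users WHERE id = 1"
	rows, err := db.Query(query)
	if err != nil {
		panic(err)
	}
	defer rows.Close()
}
`}, 0, gosec.NewConfig()},
```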