authorDavid Rothstein <drothstein@gmail.com>2015-08-19 17:20:31 -0400
committerDavid Rothstein <drothstein@gmail.com>2015-08-19 17:20:31 -0400
commitbe00a1ced4104d84df2f34b149b35fb0adf91093 (patch)
tree57eb4bdd551ef892671c5d7d653a78fdd3f3d454 /modules/simpletest/tests/database_test.test
parent5cb79b4b217e9aa315d61284398cce132c28bea4 (diff)
Drupal 7.39
Diffstat (limited to 'modules/simpletest/tests/database_test.test')
-rw-r--r--modules/simpletest/tests/database_test.test39
1 files changed, 38 insertions, 1 deletions
diff --git a/modules/simpletest/tests/database_test.test b/modules/simpletest/tests/database_test.test
index 9c533bed5..59d2e5d62 100644
--- a/modules/simpletest/tests/database_test.test
+++ b/modules/simpletest/tests/database_test.test
@@ -1414,10 +1414,47 @@ class DatabaseSelectTestCase extends DatabaseTestCase {
}
$query = (string)$query;
- $expected = "/* Testing query comments SELECT nid FROM {node}; -- */ SELECT test.name AS name, test.age AS age\nFROM \n{test} test";
+ $expected = "/* Testing query comments * / SELECT nid FROM {node}; -- */ SELECT test.name AS name, test.age AS age\nFROM \n{test} test";
$this->assertEqual($num_records, 4, 'Returned the correct number of rows.');
$this->assertEqual($query, $expected, 'The flattened query contains the sanitised comment string.');
+
+ $connection = Database::getConnection();
+ foreach ($this->makeCommentsProvider() as $test_set) {
+ list($expected, $comments) = $test_set;
+ $this->assertEqual($expected, $connection->makeComment($comments));
+ }
+ }
+
+ /**
+ * Provides expected and input values for testVulnerableComment().
+ */
+ function makeCommentsProvider() {
+ return array(
+ array(
+ '/* */ ',
+ array(''),
+ ),
+ // Try and close the comment early.
+ array(
+ '/* Exploit * / DROP TABLE node; -- */ ',
+ array('Exploit */ DROP TABLE node; --'),
+ ),
+ // Variations on comment closing.
+ array(
+ '/* Exploit * / * / DROP TABLE node; -- */ ',
+ array('Exploit */*/ DROP TABLE node; --'),
+ ),
+ array(
+ '/* Exploit * * // DROP TABLE node; -- */ ',
+ array('Exploit **// DROP TABLE node; --'),
+ ),
+ // Try closing the comment in the second string which is appended.
+ array(
+ '/* Exploit * / DROP TABLE node; --; Another try * / DROP TABLE node; -- */ ',
+ array('Exploit */ DROP TABLE node; --', 'Another try */ DROP TABLE node; --'),
+ ),
+ );
}
/**
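Review bot: The new loop in testVulnerableComment() checks only that each input matches one exact sanitised spelling, so it never states the property being protected: that no caller-supplied `*/` survives inside the generated comment. Alongside the equality check I would add a property assertion in the loop, for example `$this->assertEqual(substr_count($connection->makeComment($comments), '*/'), 1, 'Only the closing comment terminator remains.');`, which holds for all five provider rows and would still catch a regression if the escaping format changes. Since `assertEqual()` compares loosely, `assertIdentical()` would also be the stricter choice for the string comparison on that line. The docblock on `makeCommentsProvider()` could note that each row is `array($expected, $comments)`, where `$comments` is the array passed to `makeComment()`. The start of testVulnerableComment() is outside this hunk, so the setup of `$query` and `$num_records` is not visible here.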