Skip to content

Commit 6b0e796

Browse files
alexrfordalexrford
committed
Ruby: prepare test case whitespace
1 parent 91bca4a commit 6b0e796

File tree

2 files changed

+229
-226
lines changed

2 files changed

+229
-226
lines changed

ruby/ql/test/query-tests/security/cwe-089/ActiveRecordInjection.rb

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,9 @@ def self.authenticate(name, pass)
1212
find(:first, conditions: ["name='#{name}' and pass='#{pass}'"])
1313
# GOOD: using SQL parameters
1414
find(:first, conditions: ["name = ? and pass = ?", name, pass])
15+
# BAD: interpolation with flow
16+
# conds = "name=#{name}"
17+
# find(:first, conditions: conds)
1518
end
1619

1720
def self.from(user_group_id)

0 commit comments

Comments
 (0)