swift/ql/test/query-tests/Security/CWE-089
2 files changed +217 -177 lines changed
@@ -159,6 +159,27 @@ func testSqlRequest() throws {
159159 let _ = SQLRequest ( sql: localString, cached: false ) // GOOD
160160}
161161
162+ func testSql( ) throws {
163+ let localString = " user "
164+ let remoteString = try String ( contentsOf: URL ( string: " http://example.com/ " ) !)
165+
166+ let _ = SQL ( stringLiteral: remoteString) // BAD
167+ let _ = SQL ( unicodeScalarLiteral: remoteString) // BAD
168+ let _ = SQL ( extendedGraphemeClusterLiteral: remoteString) // BAD
169+ let _ = SQL ( stringInterpolation: remoteString) // BAD
170+ let _ = SQL ( sql: remoteString) // BAD
171+ let sql1 = SQL ( stringLiteral: " " )
172+ sql1. append ( sql: remoteString) // BAD
173+
174+ let _ = SQL ( stringLiteral: localString) // GOOD
175+ let _ = SQL ( unicodeScalarLiteral: localString) // GOOD
176+ let _ = SQL ( extendedGraphemeClusterLiteral: localString) // GOOD
177+ let _ = SQL ( stringInterpolation: localString) // GOOD
178+ let _ = SQL ( sql: localString) // GOOD
179+ let sql2 = SQL ( stringLiteral: " " )
180+ sql2. append ( sql: localString) // GOOD
181+ }
182+
162183func test( tableDefinition: TableDefinition ) throws {
163184 let localString = " user "
164185 let remoteString = try String ( contentsOf: URL ( string: " http://example.com/ " ) !)
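Review bot: The new `testSql()` only exercises tainted data arriving as SQL text, so nothing in it pins down that the query stays quiet when `remoteString` is bound as an argument instead, which is the form the alert should steer users towards. If the stub declares the `arguments:` parameter the way GRDB's `SQL` does (the stub is not visible in this hunk), I would add a case such as `let _ = SQL(sql: "SELECT * FROM t WHERE name = ?", arguments: [remoteString]) // GOOD`. Separately, `sql1` and `sql2` are declared with `let` and then used with `append(sql:)`; GRDB's `append` is mutating on a struct, so `var sql1 = SQL(stringLiteral: "")` would keep the test closer to real call sites, assuming the stub does not model `SQL` as a class. A one-line comment above the first group, `// remoteString is read from a URL and is tainted; localString is a constant`, would also make the BAD/GOOD annotations easier to follow.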