public function SelectTest::makeCommentsProvider in Drupal 8
Same name and namespace in other branches
- 9 core/tests/Drupal/KernelTests/Core/Database/SelectTest.php \Drupal\KernelTests\Core\Database\SelectTest::makeCommentsProvider()
Provides expected and input values for testVulnerableComment().
1 call to SelectTest::makeCommentsProvider()
- SelectTest::testVulnerableComment in core/
tests/ Drupal/ KernelTests/ Core/ Database/ SelectTest.php - Tests query COMMENT system against vulnerabilities.
File
- core/
tests/ Drupal/ KernelTests/ Core/ Database/ SelectTest.php, line 75
Class
- SelectTest
- Tests the Select query builder.
Namespace
Drupal\KernelTests\Core\DatabaseCode
public function makeCommentsProvider() {
return [
[
'/* */ ',
[
'',
],
],
// Try and close the comment early.
[
'/* Exploit * / DROP TABLE node. -- */ ',
[
'Exploit */ DROP TABLE node; --',
],
],
// Variations on comment closing.
[
'/* Exploit * / * / DROP TABLE node. -- */ ',
[
'Exploit */*/ DROP TABLE node; --',
],
],
[
'/* Exploit * * // DROP TABLE node. -- */ ',
[
'Exploit **// DROP TABLE node; --',
],
],
// Try closing the comment in the second string which is appended.
[
'/* Exploit * / DROP TABLE node. --. Another try * / DROP TABLE node. -- */ ',
[
'Exploit */ DROP TABLE node; --',
'Another try */ DROP TABLE node; --',
],
],
];
}