function SelectTest::makeCommentsProvider in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/system/src/Tests/Database/SelectTest.php \Drupal\system\Tests\Database\SelectTest::makeCommentsProvider()
Provides expected and input values for testVulnerableComment().
1 call to SelectTest::makeCommentsProvider()
- SelectTest::testVulnerableComment in core/
modules/ system/ src/ Tests/ Database/ SelectTest.php - Tests query COMMENT system against vulnerabilities.
File
- core/
modules/ system/ src/ Tests/ Database/ SelectTest.php, line 76 - Contains \Drupal\system\Tests\Database\SelectTest.
Class
- SelectTest
- Tests the Select query builder.
Namespace
Drupal\system\Tests\DatabaseCode
function makeCommentsProvider() {
return [
[
'/* */ ',
[
'',
],
],
// Try and close the comment early.
[
'/* Exploit * / DROP TABLE node. -- */ ',
[
'Exploit */ DROP TABLE node; --',
],
],
// Variations on comment closing.
[
'/* Exploit * / * / DROP TABLE node. -- */ ',
[
'Exploit */*/ DROP TABLE node; --',
],
],
[
'/* Exploit * * // DROP TABLE node. -- */ ',
[
'Exploit **// DROP TABLE node; --',
],
],
// Try closing the comment in the second string which is appended.
[
'/* Exploit * / DROP TABLE node. --. Another try * / DROP TABLE node. -- */ ',
[
'Exploit */ DROP TABLE node; --',
'Another try */ DROP TABLE node; --',
],
],
];
}