1 database_test.test | DatabaseSelectTestCase::makeCommentsProvider() |
Provides expected and input values for testVulnerableComment().
File
- core/
modules/ simpletest/ tests/ database_test.test, line 1372 - Database tests.
Class
- DatabaseSelectTestCase
- Test the SELECT builder.
Code
function makeCommentsProvider() {
return array(
array(
'/* */ ',
array(''),
),
// Try and close the comment early.
array(
'/* Exploit * / DROP TABLE node; -- */ ',
array('Exploit */ DROP TABLE node; --'),
),
// Variations on comment closing.
array(
'/* Exploit * / * / DROP TABLE node; -- */ ',
array('Exploit */*/ DROP TABLE node; --'),
),
array(
'/* Exploit * * // DROP TABLE node; -- */ ',
array('Exploit **// DROP TABLE node; --'),
),
// Try closing the comment in the second string which is appended.
array(
'/* Exploit * / DROP TABLE node; --; Another try * / DROP TABLE node; -- */ ',
array('Exploit */ DROP TABLE node; --', 'Another try */ DROP TABLE node; --'),
),
);
}