From 5004ed7b155a093383316c756fd53944bd61a05a Mon Sep 17 00:00:00 2001
From: Hans Ott
Date: Tue, 30 Jul 2024 13:04:06 +0200
Subject: [PATCH] Add tests for matching keyword with something else Like a dangerous string or space
---
 .../sql-injection/detectSQLInjection.test.ts | 63 +++++++++++++++++++
 1 file changed, 63 insertions(+)
diff --git a/library/vulnerabilities/sql-injection/detectSQLInjection.test.ts b/library/vulnerabilities/sql-injection/detectSQLInjection.test.ts
index 2b64066b3..0a7f3927a 100644
--- a/library/vulnerabilities/sql-injection/detectSQLInjection.test.ts
+++ b/library/vulnerabilities/sql-injection/detectSQLInjection.test.ts
@@ -391,6 +391,69 @@ t.test("It does not flag SQL keyword if part of another word", async () => {
 });
 });

+t.test("It flags SQL keyword if it contains space", async () => {
+ SQL_KEYWORDS.forEach((keyword) => {
+ isSqlInjection(
+ `
+ SELECT id,
+ business_id,
+ name,
+ created_at,
+ updated_at
+ FROM ${keyword}
+ WHERE business_id = ?
+ `,
+ " " + keyword
+ );
+
+ isSqlInjection(
+ `
+ SELECT id,
+ business_id,
+ name,
+ created_at,
+ updated_at
+ FROM ${keyword}
+ WHERE business_id = ?
+ `,
+ " " + keyword.toLowerCase()
+ );
+ });
+});
+
+t.test("It flags SQL keyword if it contains dangerous character", async () => {
+ SQL_KEYWORDS.forEach((keyword) => {
+ SQL_DANGEROUS_IN_STRING.forEach((string) => {
+ const payload = `${string}${keyword}`;
+ isSqlInjection(
+ `
+ SELECT id,
+ business_id,
+ name,
+ created_at,
+ updated_at
+ FROM ${payload}
+ WHERE business_id = ?
+ `,
+ payload
+ );
+
+ isSqlInjection(
+ `
+ SELECT id,
+ business_id,
+ name,
+ created_at,
+ updated_at
+ FROM ${payload}
+ WHERE business_id = ?
+ `,
+ payload.toLowerCase()
+ );
+ });
+ });
+});
+
 const files = [
 // Taken from https://github.com/payloadbox/sql-injection-payload-list/tree/master
 join(__dirname, "payloads", "Auth_Bypass.txt"),
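Review bot: Both new tests only place the extra character in front of the keyword (`" " + keyword` and `${string}${keyword}`), so a keyword followed by a space or by an entry from `SQL_DANGEROUS_IN_STRING` is not exercised, and a matcher that checks only the leading boundary would still pass. Adding the mirrored payloads, `keyword + " "` and `${keyword}${string}`, interpolated into the query the same way, would pin both sides of the detection rule. In the first test the user input `" " + keyword` appears to be a substring of the query only because the template has whitespace between `FROM` and `${keyword}`. Building it once as a `payload` constant and interpolating that constant, as the second test already does, would make the dependency explicit and survive reformatting of the query text.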