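--- a/csharp/ql/test/query-tests/Security Features/CWE-089/FILENAME_NOT_SHOWN_ON_PAGE
+++ b/csharp/ql/test/query-tests/Security Features/CWE-089/FILENAME_NOT_SHOWN_ON_PAGE
@@ -84,6 +84,17 @@ public void GetDataSetByCategory()
 var result = new DataSet ( ) ;
 adapter . Fill ( result ) ;
 }
+
+// BAD: Text from a local textbox
+using ( var connection = new SqlConnection ( connectionString ) )
+{
+var queryString = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
++ box1 . Text + "' ORDER BY PRICE" ;
+var cmd = new SqlCommand ( queryString ) ;
+var adapter = new SqlDataAdapter ( cmd ) ;
+var result = new DataSet ( ) ;
+adapter . Fill ( result ) ;
+}
 }
 
 System . Windows . Forms . TextBox box1 ;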
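Review bot: The new BAD case only becomes a regression test if the query's expected-results file for this directory gains the matching alert row; that file is not in view on this page, so I cannot confirm it was updated for this hunk or for the SQLite hunk below. The comment could also name the sink so a reader sees why this is a finding and what the fix would be, e.g. `// BAD: box1.Text is concatenated into the query; the SqlDataAdapter executes it unparameterized`. Separately, `cmd` is created without being attached to `connection`, so the block would fail at runtime; that appears consistent with the surrounding fixture style, but worth a one-line comment if intentional. GetDataSetByCategory starts outside the hunk.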
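--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -37,6 +37,11 @@ public void InjectUntrustedData()
 adapter = new SQLiteDataAdapter ( untrustedData . Text , connectionString ) ;
 result = new DataSet ( ) ;
 adapter . Fill ( result ) ;
+
+// BAD: untrusted data is not sanitized.
+adapter = new SQLiteDataAdapter ( cmd ) ;
+result = new DataSet ( ) ;
+adapter . Fill ( result ) ;
 }
 }
 }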
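Review bot: The comment on the added block does not say which value is tainted, and `cmd` is declared above the hunk, so a reader of this case cannot tell from the lines themselves where the untrusted text enters. If `cmd` is built from `untrustedData.Text` earlier in the method (which I infer but cannot see), state it: `// BAD: cmd was built from untrustedData.Text above and is executed unsanitized through the adapter`. InjectUntrustedData begins outside the hunk.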