Sha256: 97149c17d78d158498f282b5a7e5bd7e8dcb20cd0bf013eebeee0f4a876fa5c3

Contents?: true

Size: 1.52 KB

Versions: 24

Compression:

Stored size: 1.52 KB

Contents

# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

# This class is the concrete implementation of the DefaultSqlScanner designed
# to support the customizations of MySQL.
#
# @deprecated RUBY-356
# rubocop:disable Style/ClassAndModuleChildren
class Contrast::Agent::Protect::Rule::Sqli::MysqlSqlScanner <
    Contrast::Agent::Protect::Rule::Sqli::DefaultSqlScanner
  # rubocop:enable Style/ClassAndModuleChildren

  # Decide whether a line comment begins at +index+: either a single '#'
  # or a pair of consecutive '-' characters.
  #
  # NOTE(review): MySQL itself only treats '--' as a comment opener when the
  # second dash is followed by whitespace or a control character. This check
  # never looks at the character after the second dash, so a sequence such
  # as '--1' is classified as a comment here even though the server would
  # parse it as an expression. Confirm that this divergence between scanner
  # and server is acceptable for the SQLi rule.
  #
  # @param char the character found at +index+ (presumably a one-character
  #   String; confirm against DefaultSqlScanner)
  # @param index [Integer] position of +char+ within +query+
  # @param query the query text being scanned
  # @return [Boolean] true when a line comment starts at +index+
  def start_line_comment? char, index, query
    return true if char == Contrast::Utils::ObjectShare::POUND_SIGN

    dash = Contrast::Utils::ObjectShare::DASH
    # A lone dash, or one sitting on the final character, cannot open '--'.
    return false unless char == dash && (query.length - 2) >= index

    query[index + 1] == dash
  end

  # Decide whether a block comment ('/*') begins at +index+. In MySQL, '/*!'
  # is an inline comment that has code that's executed, so that sequence is
  # deliberately not reported as a block comment start.
  #
  # NOTE(review): the length guard needs three characters from +index+, so a
  # '/*' that ends the query (nothing after the asterisk) yields false.
  # Confirm that an unterminated trailing '/*' is meant to be ignored.
  #
  # @param char the character found at +index+
  # @param index [Integer] position of +char+ within +query+
  # @param query the query text being scanned
  # @return [Boolean] true when a non-executable block comment starts here
  def start_block_comment? char, index, query
    return false unless char == Contrast::Utils::ObjectShare::SLASH && (query.length - 3) >= index
    return false unless query[index + 1] == Contrast::Utils::ObjectShare::ASTERISK

    # '/*!' carries executable code, so it must not be skipped as a comment.
    query[index + 2] != Contrast::Utils::ObjectShare::EXCLAMATION
  end

  # Indicates that '""' inside of double quotes is the equivalent of '\"'.
  #
  # @return [Boolean] always true for this scanner
  def double_quote_escape_in_double_quote?
    true
  end
end

Version data entries

24 entries across 24 versions & 1 rubygems

Version Path
contrast-agent-6.11.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.10.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.9.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.8.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.7.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.6.5 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.6.4 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.6.3 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.6.2 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.6.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.6.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.5.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.5.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.4.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.3.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.2.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.1.2 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.1.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.1.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.0.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb