Sha256: f88eca21758b611868056c88bbf96bb517f05fb717888d1ebc47fab9fd1edc3d

Contents?: true

Size: 1.52 KB

Versions: 18

Compression:

Stored size: 1.52 KB

Contents

# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

# This class is the concrete implementation of the DefaultSqlScanner designed
# to support the customizations of MySQL.
#
# @deprecated RUBY-356
# rubocop:disable Style/ClassAndModuleChildren
class Contrast::Agent::Protect::Rule::Sqli::MysqlSqlScanner <
    Contrast::Agent::Protect::Rule::Sqli::DefaultSqlScanner
  # rubocop:enable Style/ClassAndModuleChildren

  # Reports whether a line comment begins at +index+: either a single '#',
  # or a '-' that is immediately followed by a second '-'.
  #
  # NOTE(review): MySQL itself only treats '--' as a comment when the second
  # dash is followed by whitespace or a control character. This check never
  # looks at that third character, so '--' directly followed by other text is
  # classified as a comment here even though the server would parse it as
  # SQL. Confirm whether the caller compensates for that difference.
  #
  # @param char [String] the character found at +index+
  # @param index [Integer] position of +char+ within +query+
  # @param query [String] the SQL text being scanned
  # @return [Boolean] true when a line comment starts at +index+
  def start_line_comment? char, index, query
    return true if char == Contrast::Utils::ObjectShare::POUND_SIGN

    dash = Contrast::Utils::ObjectShare::DASH
    # The lookahead is only evaluated for a dash that has a following
    # character, so a lone trailing '-' yields false.
    char == dash && index + 1 < query.length && query[index + 1] == dash
  end

  # Reports whether a block comment begins at +index+. The MySQL form '/*!'
  # wraps code that the server executes, so it is deliberately not treated as
  # a block comment start.
  #
  # NOTE(review): the bounds guard requires one character after '/*', so a
  # query that ends in exactly '/*' returns false here.
  #
  # @param char [String] the character found at +index+
  # @param index [Integer] position of +char+ within +query+
  # @param query [String] the SQL text being scanned
  # @return [Boolean] true when '/*' not followed by '!' starts at +index+
  def start_block_comment? char, index, query
    return false if char != Contrast::Utils::ObjectShare::SLASH
    return false if index > query.length - 3

    second = query[index + 1]
    third = query[index + 2]
    second == Contrast::Utils::ObjectShare::ASTERISK &&
        third != Contrast::Utils::ObjectShare::EXCLAMATION
  end

  # Tells the scanner that, within a double-quoted string, the pair '""'
  # is an escaped quote equivalent to '\"'.
  #
  # @return [Boolean] always true for this scanner
  def double_quote_escape_in_double_quote?
    true
  end
end

Version data entries

18 entries across 18 versions & 1 rubygems

Version Path
contrast-agent-7.6.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.6.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.5.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.4.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.4.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.3.2 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.3.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.3.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.2.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.1.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-7.0.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.15.3 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.15.2 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.15.1 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.15.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.14.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.13.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
contrast-agent-6.12.0 lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb