Skip to content

Commit 84c3df2

Browse files
MathiasVPMathiasVP
committed
PS: Accept test changes.
1 parent f87f720 commit 84c3df2

File tree

2 files changed

+1
-4
lines changed

2 files changed

+1
-4
lines changed

powershell/ql/test/query-tests/security/cwe-089/SqlInjection.expected

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,6 @@ edges
44
| test.ps1:1:1:1:10 | userinput | test.ps1:17:24:17:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | provenance | |
55
| test.ps1:1:1:1:10 | userinput | test.ps1:28:24:28:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | provenance | |
66
| test.ps1:1:1:1:10 | userinput | test.ps1:78:13:78:22 | userinput | provenance | |
7-
| test.ps1:1:1:1:10 | userinput | test.ps1:114:76:114:85 | userinput | provenance | |
87
| test.ps1:1:14:1:45 | Call to read-host | test.ps1:1:1:1:10 | userinput | provenance | Src:MaD:0 |
98
| test.ps1:4:1:4:6 | query | test.ps1:5:72:5:77 | query | provenance | |
109
| test.ps1:8:1:8:6 | query | test.ps1:9:72:9:77 | query | provenance | |
@@ -24,12 +23,10 @@ nodes
2423
| test.ps1:72:15:79:1 | ${...} [element Query] | semmle.label | ${...} [element Query] |
2524
| test.ps1:78:13:78:22 | userinput | semmle.label | userinput |
2625
| test.ps1:81:15:81:25 | QueryConn2 | semmle.label | QueryConn2 |
27-
| test.ps1:114:76:114:85 | userinput | semmle.label | userinput |
2826
subpaths
2927
#select
3028
| test.ps1:5:72:5:77 | query | test.ps1:1:14:1:45 | Call to read-host | test.ps1:5:72:5:77 | query | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
3129
| test.ps1:9:72:9:77 | query | test.ps1:1:14:1:45 | Call to read-host | test.ps1:9:72:9:77 | query | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
3230
| test.ps1:17:24:17:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | test.ps1:1:14:1:45 | Call to read-host | test.ps1:17:24:17:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
3331
| test.ps1:28:24:28:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | test.ps1:1:14:1:45 | Call to read-host | test.ps1:28:24:28:76 | SELECT * FROM MyTable WHERE MyColumn = '$userinput' | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
3432
| test.ps1:81:15:81:25 | QueryConn2 | test.ps1:1:14:1:45 | Call to read-host | test.ps1:81:15:81:25 | QueryConn2 | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |
35-
| test.ps1:114:76:114:85 | userinput | test.ps1:1:14:1:45 | Call to read-host | test.ps1:114:76:114:85 | userinput | This SQL query depends on a $@. | test.ps1:1:14:1:45 | Call to read-host | read from stdin |

powershell/ql/test/query-tests/security/cwe-089/test.ps1

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -111,4 +111,4 @@ TakesTypedParameters $userinput $userinput $userinput $userinput $userinput $use
111111
$query = "SELECT * FROM MyTable WHERE MyColumn = '$userinput'"
112112
Invoke-Sqlcmd -unknown $userinput -ServerInstance "MyServer" -Database "MyDatabase" -q "SELECT * FROM MyTable" # GOOD
113113

114-
Invoke-Sqlcmd -ServerInstance "MyServer" -Database "MyDatabase" -InputFile $userinput # GOOD [FALSE POSITIVE] # this is not really what this query is about.
114+
Invoke-Sqlcmd -ServerInstance "MyServer" -Database "MyDatabase" -InputFile $userinput # GOOD # this is not really what this query is about.

0 commit comments

Comments
 (0)