Skip to content

Commit 9972aaf

Browse files
geoffw0geoffw0
committed
Rust: Add tests cases for cleartext storage.
1 parent 9d72fab commit 9972aaf

File tree

2 files changed

+116
-0
lines changed

2 files changed

+116
-0
lines changed

rust/ql/test/query-tests/security/CWE-312/options.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,3 +3,5 @@ qltest_dependencies:
33
- log = { version = "0.4.25", features = ["kv"] }
44
- simple_logger = { version = "5.0.0" }
55
- log_err = { version = "1.1.1" }
6+
- sqlx = { version = "0.8", features = ["mysql", "sqlite", "postgres", "runtime-async-std", "tls-native-tls"] }
7+
- futures = { version = "0.3" }

rust/ql/test/query-tests/security/CWE-312/test_storage.rs

Lines changed: 114 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,114 @@
1+
2+
use sqlx::Connection;
3+
use sqlx::Executor;
4+
5+
// --- tests ---
6+
7+
fn get_harmless() -> String {
8+
return String::from("harmless");
9+
}
10+
11+
fn get_social_security_number() -> String {
12+
return String::from("1234567890");
13+
}
14+
15+
fn get_phone_number() -> String {
16+
return String::from("1234567890");
17+
}
18+
19+
fn get_email() -> String {
20+
return String::from("a@b.com");
21+
}
22+
23+
async fn test_storage_sql_command(url: &str) -> Result<(), sqlx::Error> {
24+
// connect through a MySQL connection pool
25+
let pool1 = sqlx::mysql::MySqlPool::connect(url).await?;
26+
let mut conn1 = pool1.acquire().await?;
27+
28+
// construct queries
29+
let id = "123";
30+
let select_query1 = String::from("SELECT * FROM CONTACTS WHERE ID = ") + id;
31+
let select_query2 = String::from("SELECT * FROM CONTACTS WHERE SSN = '") + &get_social_security_number() + "'";
32+
let insert_query1 = String::from("INSERT INTO CONTACTS(ID, HARMLESS) VALUES(") + id + ", '" + &get_harmless() + "')";
33+
let insert_query2 = String::from("INSERT INTO CONTACTS(ID, PHONE) VALUES(") + id + ", '" + &get_phone_number() + "')";
34+
let update_query1 = String::from("UPDATE CONTACTS SET HARMLESS='") + &get_harmless() + "' WHERE ID=" + id;
35+
let update_query2 = String::from("UPDATE CONTACTS SET EMAIL='") + &get_email() + "' WHERE ID=" + id;
36+
let s1 = &get_social_security_number();
37+
let update_query3 = String::from("UPDATE CONTACTS SET SSN='") + s1 + "' WHERE ID=" + id;
38+
let update_query4 = String::from("UPDATE CONTACTS SET SSN='") + &s1 + "' WHERE ID=" + id;
39+
let s2 = s1.as_str();
40+
let update_query5 = String::from("UPDATE CONTACTS SET SSN='") + s2 + "' WHERE ID=" + id;
41+
let update_query6 = String::from("UPDATE CONTACTS SET SSN='") + &s2 + "' WHERE ID=" + id;
42+
let delete_query1 = String::from("DELETE FROM CONTACTS WHERE ID=") + id;
43+
let delete_query2 = String::from("DELETE FROM CONTACTS WHERE SSN='") + &get_social_security_number() + "'";
44+
let prepared_query = String::from("UPDATE CONTACTS SET SSN=? WHERE ID=?");
45+
46+
// execute queries - MySQL, direct
47+
let _ = conn1.execute(select_query1.as_str()).await?;
48+
let _ = conn1.execute(select_query2.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
49+
let _ = conn1.execute(insert_query1.as_str()).await?;
50+
let _ = conn1.execute(insert_query2.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
51+
let _ = conn1.execute(update_query1.as_str()).await?;
52+
let _ = conn1.execute(update_query2.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
53+
let _ = conn1.execute(update_query3.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
54+
let _ = conn1.execute(update_query4.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
55+
let _ = conn1.execute(update_query5.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
56+
let _ = conn1.execute(update_query6.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
57+
let _ = conn1.execute(delete_query1.as_str()).await?;
58+
let _ = conn1.execute(delete_query2.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
59+
60+
// execute queries - MySQL, prepared query
61+
let _ = sqlx::query(insert_query1.as_str()).execute(&pool1).await?;
62+
let _ = sqlx::query(insert_query2.as_str()).execute(&pool1).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
63+
let _ = sqlx::query(prepared_query.as_str()).bind(get_harmless()).execute(&pool1).await?;
64+
let _ = sqlx::query(prepared_query.as_str()).bind(get_social_security_number()).execute(&pool1).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
65+
let _ = sqlx::query(prepared_query.as_str()).bind(&s1).execute(&pool1).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
66+
let _ = sqlx::query(prepared_query.as_str()).bind(&s2).execute(&pool1).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
67+
68+
// connect through SQLite, no connection pool
69+
let mut conn2 = sqlx::sqlite::SqliteConnection::connect(url).await?;
70+
71+
// execute queries - SQLite, direct
72+
let _ = conn2.execute(insert_query1.as_str()).await?;
73+
let _ = conn2.execute(insert_query2.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
74+
75+
// execute queries - SQLite, direct variant
76+
let _ = sqlx::raw_sql(insert_query1.as_str()).execute(&mut conn2).await?;
77+
let _ = sqlx::raw_sql(insert_query2.as_str()).execute(&mut conn2).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
78+
79+
// execute queries - SQLite, prepared query
80+
let _ = sqlx::query(insert_query1.as_str()).execute(&mut conn2).await?;
81+
let _ = sqlx::query(insert_query2.as_str()).execute(&mut conn2).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
82+
let _ = sqlx::query(prepared_query.as_str()).bind(get_harmless()).execute(&mut conn2).await?;
83+
let _ = sqlx::query(prepared_query.as_str()).bind(get_social_security_number()).execute(&mut conn2).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
84+
85+
// execute queries - SQLite, prepared query variant
86+
let _ = sqlx::query(insert_query1.as_str()).fetch(&mut conn2);
87+
let _ = sqlx::query(insert_query2.as_str()).fetch(&mut conn2); // $ MISSING: Alert[rust/cleartext-storage-database]
88+
let _ = sqlx::query(prepared_query.as_str()).bind(get_harmless()).fetch(&mut conn2);
89+
let _ = sqlx::query(prepared_query.as_str()).bind(get_social_security_number()).fetch(&mut conn2); // $ MISSING: Alert[rust/cleartext-storage-database]
90+
91+
// connect through a PostgreSQL connection pool
92+
let pool3 = sqlx::postgres::PgPool::connect(url).await?;
93+
let mut conn3 = pool3.acquire().await?;
94+
95+
// execute queries - PostgreSQL, direct
96+
let _ = conn3.execute(insert_query1.as_str()).await?;
97+
let _ = conn3.execute(insert_query2.as_str()).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
98+
99+
// execute queries - PostgreSQL, prepared query
100+
let _ = sqlx::query(insert_query1.as_str()).execute(&pool3).await?;
101+
let _ = sqlx::query(insert_query2.as_str()).execute(&pool3).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
102+
let _ = sqlx::query(prepared_query.as_str()).bind(get_harmless()).execute(&pool3).await?;
103+
let _ = sqlx::query(prepared_query.as_str()).bind(get_social_security_number()).execute(&pool3).await?; // $ MISSING: Alert[rust/cleartext-storage-database]
104+
105+
Ok(())
106+
}
107+
108+
fn main() {
109+
println!("test_storage_sql_command...");
110+
match futures::executor::block_on(test_storage_sql_command("")) {
111+
Ok(_) => println!(" successful!"),
112+
Err(e) => println!(" error: {}", e),
113+
}
114+
}

0 commit comments

Comments
 (0)