From ec9d604c1d7dcfd47c3bf36c208696e0d8f7831d Mon Sep 17 00:00:00 2001
From: Justin Collins
Date: Fri, 20 Mar 2015 14:09:47 -0700
Subject: [PATCH] Add test for to_s in SQL
---
 test/apps/rails4/app/models/account.rb | 5 +++++
 test/apps/rails4/app/models/user.rb | 5 -----
 test/tests/rails4.rb | 13 ++++++++++++-
 3 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/test/apps/rails4/app/models/account.rb b/test/apps/rails4/app/models/account.rb
index eca8a0eb..45855442 100644
--- a/test/apps/rails4/app/models/account.rb
+++ b/test/apps/rails4/app/models/account.rb
@@ -33,4 +33,9 @@ class Account < ActiveRecord::Base
 sql += "GROUP BY title, id "
 Account.connection.select_all(sql)
 end
+
+ def self.get_all_countries(locale)
+ q = "country_#{locale} ASC".to_s
+ c = User.order(q)
+ end
 end
diff --git a/test/apps/rails4/app/models/user.rb b/test/apps/rails4/app/models/user.rb
index 1aaf9473..fcd6e0c5 100644
--- a/test/apps/rails4/app/models/user.rb
+++ b/test/apps/rails4/app/models/user.rb
@@ -12,9 +12,4 @@ class User < ActiveRecord::Base
 def symbol_stuff
 self.where(User.table_name.to_sym)
 end
-
- def self.get_all_countries(locale)
- q = "country_#{locale} ASC".to_s
- c = User.order(q)
- end
 end
diff --git a/test/tests/rails4.rb b/test/tests/rails4.rb
index 922e5210..505905c0 100644
--- a/test/tests/rails4.rb
+++ b/test/tests/rails4.rb
@@ -16,7 +16,7 @@ class Rails4Tests < Test::Unit::TestCase
 :controller => 0,
 :model => 2,
 :template => 3,
- :generic => 51
+ :generic => 52
 }
 end
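Review bot: The fixture method added at the end of Account carries no marker that it is intentionally unsafe, so a later cleanup could drop the redundant `.to_s` in `q = "country_#{locale} ASC".to_s` or inline the query and silently break test_sql_injection_with_to_s_on_string_interp in test/tests/rails4.rb, which expects the warning on line 39 of this file (the `c = User.order(q)` line). A one-line comment above the method would pin that: `# Intentionally unsafe fixture: to_s on an interpolated string is not sanitisation; exercised by test_sql_injection_with_to_s_on_string_interp (expects line 39).` The local `c` is assigned but never read; `User.order(q)` alone as the last expression would be the conventional form, though removing the assignment does not move the flagged line. Account's body starts before this hunk.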
@@ -631,7 +631,18 @@ class Rails4Tests < Test::Unit::TestCase
 :confidence => 1,
 :relative_path => "app/models/email.rb",
 :user_input => s(:lvar, :task_table)
+ end
+ def test_sql_injection_with_to_s_on_string_interp
+ assert_warning :type => :warning,
+ :warning_code => 0,
+ :fingerprint => "4617dc460e895a734ac500b963bae96ee133e272611464519e7dcf52810075aa",
+ :warning_type => "SQL Injection",
+ :line => 39,
+ :message => /^Possible\ SQL\ injection/,
+ :confidence => 1,
+ :relative_path => "app/models/account.rb",
+ :user_input => s(:lvar, :locale)
 end
 def test_format_validation_model_alias_processing
-- 
GitLab
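Review bot: The new test is appended directly after the previous test's `end` with no blank line between the added `end` and `def test_sql_injection_with_to_s_on_string_interp`, unlike the surrounding file, where a blank line separates `end` from `def test_format_validation_model_alias_processing`; insert one for consistency. The assertion pins `:line => 39` and a `:fingerprint` that both depend on the exact layout of Account.get_all_countries in app/models/account.rb, so any edit to that fixture will need both values refreshed; a comment naming the fixture would make that coupling visible: `# Fixture: Account.get_all_countries (app/models/account.rb) — to_s must not clear the taint on locale`. The enclosing class Rails4Tests begins before and continues past this hunk.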