diff --git a/test/apps/rails2/app/models/user.rb b/test/apps/rails2/app/models/user.rb
index 595a8b59e6f90980079efa5ffcfe7f2fb968aee9..fcca29a4cad02e55afce17ffed99c0f5aa5cabec 100644
--- a/test/apps/rails2/app/models/user.rb
+++ b/test/apps/rails2/app/models/user.rb
@@ -14,4 +14,11 @@ class User < ActiveRecord::Base
 def get_something x
 self.find(:all, :conditions => "where blah = #{x}")
 end
+
+ def test_merge_conditions
+ #Should not warn
+ User.find(:all, :conditions => merge_conditions(some_conditions))
+ User.find(:all, :conditions => self.merge_conditions(some_conditions))
+ find(:all, :conditions => User.merge_conditions(some_conditions))
+ end
 end
diff --git a/test/tests/test_rails2.rb b/test/tests/test_rails2.rb
index cd903c72c19f710d5d168bf4846fe92d271129ec..a5c110aa13055d9e9454abe6496ca229012cef43 100644
--- a/test/tests/test_rails2.rb
+++ b/test/tests/test_rails2.rb
@@ -474,6 +474,15 @@ class Rails2Tests < Test::Unit::TestCase
 :file => /home_controller\.rb/
 end
 
+ def test_sql_injection_merge_conditions
+ assert_no_warning :type => :warning,
+ :warning_type => "SQL Injection",
+ :line => 22,
+ :message => /^Possible SQL injection near line 22: find/,
+ :confidence => 0,
+ :file => /user\.rb/
+ end
+
 def test_escape_once
 results = find :type => :template,
 :warning_type => "Cross Site Scripting",
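Review bot: The three calls added in `test_merge_conditions` all pass an opaque `some_conditions`, so the fixture pins only the no-warning side and does not show where the exemption stops. As far as I know, Rails 2's `merge_conditions` runs each argument through `sanitize_sql`, which escapes arrays and hashes but returns a plain string unchanged, so an interpolated string inside the call is still injectable. I would add a companion fixture that must keep warning, e.g. `User.find(:all, :conditions => merge_conditions("blah = #{x}"))`, with a matching positive assertion in test_rails2.rb. The scanner change that exempts `merge_conditions` is not in this diff, so whether it already inspects the arguments cannot be told from here; the `User` class opens above the hunk.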
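Review bot: `test_sql_injection_merge_conditions` checks only line 22, the bare `find(:all, :conditions => User.merge_conditions(...))` call, so the fixture's other two calls (new lines 20 and 21 of user.rb, going by the hunk offsets) have no assertion. A negative assertion pinned to `:line => 22` and `:confidence => 0` also passes vacuously if the fixture shifts by a line or the scanner reports the call at a lower confidence, assuming `assert_no_warning` matches on every key given. I would loop over the three lines with `[20, 21, 22].each do |line|`, using `:line => line` and `:message => /^Possible SQL injection near line #{line}:/`, and drop `:confidence`. `Rails2Tests` opens above the hunk and `test_escape_once` continues past it.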