From cbb05c8475e2310307f2a064823c530aadafa7d9 Mon Sep 17 00:00:00 2001
From: Justin Collins
Date: Thu, 2 Feb 2012 10:56:03 -0800
Subject: [PATCH] Add test for SQL in self call
---
 test/apps/rails2/app/models/user.rb | 12 ++++++++----
 test/tests/test_rails2.rb | 13 +++++++++++--
 2 files changed, 19 insertions(+), 6 deletions(-)
diff --git a/test/apps/rails2/app/models/user.rb b/test/apps/rails2/app/models/user.rb
index 05a1985c..595a8b59 100644
--- a/test/apps/rails2/app/models/user.rb
+++ b/test/apps/rails2/app/models/user.rb
@@ -1,13 +1,17 @@
 class User < ActiveRecord::Base
- named_scope :dah, lambda {|*args| { :condition => "dah = '#{args[1]}'"}}
+ named_scope :dah, lambda {|*args| { :conditions => "dah = '#{args[1]}'"}}
- named_scope :phooey, :condition => "phoeey = '#{User.phooey}'"
+ named_scope :phooey, :conditions => "phoeey = '#{User.phooey}'"
 named_scope :with_state, lambda {|state| state.present? ? {:conditions => "state_name = '#{state}'"} : {}}
- named_scope :safe_phooey, :condition => ["phoeey = ?", "#{User.phooey}"]
+ named_scope :safe_phooey, :conditions => ["phoeey = ?", "#{User.phooey}"]
- named_scope :safe_dah, lambda {|*args| { :condition => ["dah = ?", "#{args[1]}"]}}
+ named_scope :safe_dah, lambda {|*args| { :conditions => ["dah = ?", "#{args[1]}"]}}
 named_scope :with_state, lambda {|state| state.present? ? {:conditions => ["state_name = ?", "#{state}"]} : {}}
+
+ def get_something x
+ self.find(:all, :conditions => "where blah = #{x}")
+ end
 end
diff --git a/test/tests/test_rails2.rb b/test/tests/test_rails2.rb
index 6fed8c11..2bee3763 100644
--- a/test/tests/test_rails2.rb
+++ b/test/tests/test_rails2.rb
@@ -12,13 +12,13 @@ class Rails2Tests < Test::Unit::TestCase
 :controller => 1,
 :model => 2,
 :template => 18,
- :warning => 21 }
+ :warning => 22 }
 else
 @expected ||= {
 :controller => 1,
 :model => 2,
 :template => 18,
- :warning => 22 }
+ :warning => 23 }
 end
 end
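Review bot: The new `get_something` in user.rb is an unmarked deliberately-injectable fixture — `x` is interpolated straight into the `:conditions` string handed to `self.find` — and the only thing that says so is the `:line => 15` expectation in the companion test, so a well-meaning cleanup could parameterize it and silently break that test. Put the intent on the method itself: `# Intentionally vulnerable fixture: the interpolated argument in self.find must be reported as SQL injection (test_sql_injection_in_self_call expects line 15).` Two further caveats are worth a word in that same comment if the fixture is ever executed rather than only scanned: in Rails 2 `find` is a class-level method, so calling `self.find` from an instance method would presumably raise NoMethodError, and the conditions string starts with `where`, which Rails prepends itself, so the generated SQL would be malformed — neither affects the static check. The `:condition` → `:conditions` renames on the other lines presumably mean those scopes were not matching the `:conditions` key the scanner looks for before this commit, which is worth confirming against the warning-count bump in test_rails2.rb.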
@@ -201,6 +201,15 @@ class Rails2Tests < Test::Unit::TestCase
 :file => /user\.rb/
 end
+ def test_sql_injection_in_self_call
+ assert_warning :type => :warning,
+ :warning_type => "SQL Injection",
+ :line => 15,
+ :message => /^Possible SQL injection near line 15: self\.find/,
+ :confidence => 1,
+ :file => /user\.rb/
+ end
+
 def test_csrf_protection
 assert_warning :type => :controller,
 :warning_type => "Cross-Site Request Forgery",
--
GitLab
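Review bot: `test_sql_injection_in_self_call` pins the fixture's line number twice, in `:line => 15` and again inside the message regex `near line 15`, so any edit above that line in user.rb forces two updates while the regex adds no coverage the `:line` key does not already provide. Keep one source of truth, e.g. `:message => /^Possible SQL injection near line \d+: self\.find/`. A one-line comment naming the fixture would also help a reader who only has this file open: `# Fixture: User#get_something (test/apps/rails2/app/models/user.rb) interpolates its argument into :conditions via self.find`. The expected `:confidence => 1` presumably reflects that `x` is a plain method argument of unknown origin rather than a request parameter; if the confidence scale is documented elsewhere, referencing it here would make that magic number self-explanatory.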