SonarScanner SQL Injection Test
using System.Data;
using MySql.Data.MySqlClient;
// Connection settings for the local, throwaway database this fixture runs
// against. The credentials are lab-only placeholders (root/toor on loopback):
// never lift this block into anything reachable from outside, and even for a
// test schema a least-privilege account is preferable to root.
// NOTE(review): SslMode.Preferred negotiates TLS when the server offers it and
// otherwise falls back to plaintext without verifying anything; fine for
// 127.0.0.1, not for a remote host (Required / VerifyCA / VerifyFull there —
// confirm the enum members against the connector version in use).
var builder = new MySqlConnectionStringBuilder
{
Server = "127.0.0.1",
Database = "testing",
UserID = "root",
Password = "toor",
SslMode = MySqlSslMode.Preferred,
};
// Deliberately injectable sink — this is the fixture the scanner is expected
// to report. `colval` is spliced verbatim into the SQL text, so a caller can
// terminate the SELECT and stack further statements (see the DELETE payload
// further down). Leave the interpolated CommandText exactly as written; the
// safe form, for reference, binds the value instead of formatting it:
//   command.CommandText = "SELECT * FROM testing.test WHERE test_col = @v;";
//   command.Parameters.AddWithValue("@v", int.Parse(colval));
// Returns column 0 of every row the SELECT produced (assumes column 0 of
// testing.test is an integer column — confirm against the schema).
// Whether a stacked statement is actually executed depends on the connector
// accepting multi-statement commands (MySql.Data's AllowBatch option, on by
// default — confirm for the connector version in use).
int[] GetTestValue(MySqlConnectionStringBuilder builder, string colval)
{
List<int> foundValues = new List<int>();
using (var conn = new MySqlConnection(builder.ConnectionString))
{
conn.Open();
using (var command = conn.CreateCommand())
{
// SINK: string-built SQL. Sonar reports this as the S2077 hotspot
// ("formatting SQL queries"); S3649 is the taint-tracking variant and
// needs data from a recognised source, so a hard-coded literal may not
// trigger it — confirm against the Sonar edition in use.
command.CommandText = $"SELECT * FROM testing.test WHERE test_col = {colval};";
using (var reader = command.ExecuteReader())
{
// Only the first result set is consumed; the effect of any stacked
// statement is not observable here, callers must re-query to see it.
while (reader.Read())
{
var value = reader.GetInt32(0);
foundValues.Add(value);
}
}
}
// Redundant with the using block's Dispose, but harmless.
conn.Close();
}
return foundValues.ToArray();
}
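// Prints every value in column 0 of testing.test, framed so the before/after
// state of the injection run is easy to compare in the console output.
// Extracted into a local function so the table can be dumped again after the
// payload runs; the original script only dumped it once, before the
// injection, and so never actually verified that the DELETE took effect.
void DumpTable(MySqlConnectionStringBuilder cfg)
{
    using (var conn = new MySqlConnection(cfg.ConnectionString))
    {
        conn.Open();
        using (var command = conn.CreateCommand())
        {
            // Static query text only — this is the safe counterpart of the
            // interpolated CommandText in GetTestValue.
            command.CommandText = "SELECT * FROM testing.test;";
            using (var reader = command.ExecuteReader())
            {
                Console.WriteLine("Contents of the testing.test table");
                while (reader.Read())
                {
                    Console.WriteLine(reader.GetInt32(0));
                }
                Console.WriteLine("============");
                Console.WriteLine();
            }
        }
    }
}

// Baseline: dump contents of testing.test before anything is touched.
DumpTable(builder);

// Find an integer - nothing special; a well-formed literal passes through the
// sink unchanged.
foreach (var returnedInt in GetTestValue(builder, "100"))
{
    Console.WriteLine($"Found {returnedInt}");
}

// Stacked-query payload: the SELECT completes normally and the DELETE rides
// along as a second statement in the same command. The scanner is expected to
// report the interpolated CommandText in GetTestValue (Sonar S2077 hotspot;
// S3649 is the taint-tracking rule and, being edition- and source-dependent,
// may stay silent for a hard-coded literal — confirm against your edition).
const string payload = "100; DELETE FROM testing.test where test_col = 100;";
foreach (var returnedInt in GetTestValue(builder, payload))
{
    // This row is what the SELECT returned; the DELETE runs after it, so the
    // loop body alone proves nothing about what was removed.
    Console.WriteLine($"SELECT returned {returnedInt}; stacked DELETE submitted");
}

// Verify the injection actually had an effect: a second, clean lookup for 100
// is the unambiguous check (an empty result means the DELETE ran), and the
// final dump shows what is left in the table.
var remaining = GetTestValue(builder, "100");
Console.WriteLine(remaining.Length == 0
    ? "Injection confirmed: test_col = 100 is no longer present"
    : $"Injection did NOT take effect: {remaining.Length} row(s) with test_col = 100 remain (multi-statement commands disabled?)");
DumpTable(builder);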