I think we should reconsider the number of single quotes.
In the example below, since we don't write single quotes in the query because it's a static placeholder, the attacker would start with
I'm trying to write two single quotes, but when I show it escaped with .simulate(), there are a lot of single quotes and it's hard to see.
```rust
let passwd = String::from("'' or 1=1; --"); // User supplied input

let query = query!("SELECT name FROM users WHERE id={id} AND passwd={passwd}");

assert_eq!(query.simulate(), "SELECT name FROM users WHERE id='42' AND passwd=''''' or 1=1; --'");
```
Since the sentence assumed by the attacker is "passwd='" + "' or 1=1; --" + "';".
ConcatSQL/README.md, lines 47 to 50 in f5fa442
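The quote counts discussed above, as an added example (not part of the original issue and not ConcatSQL's code): it renders a value as a SQL string literal and reads it back the way a lexer would, for the README's two-quote input and for a one-quote variant. It assumes standard SQL quote doubling, which matches the `.simulate()` output quoted above; `quote_literal`, `read_literal`, `leading_quotes` and `stays_data` are hypothetical helper names.

```rust
/// Render `value` as a SQL string literal using standard quote doubling.
/// Assumption: this mirrors what the quoted `.simulate()` output shows; it is
/// not ConcatSQL's implementation.
fn quote_literal(value: &str) -> String {
    format!("'{}'", value.replace('\'', "''"))
}

/// Read one string literal from the start of `sql` the way a SQL lexer would:
/// `''` inside the literal is one quote character, a lone `'` closes it.
/// Returns the decoded value and the number of bytes consumed.
fn read_literal(sql: &str) -> Option<(String, usize)> {
    let mut chars = sql.char_indices().peekable();
    if chars.next()?.1 != '\'' {
        return None;
    }
    let mut value = String::new();
    while let Some((i, c)) = chars.next() {
        if c != '\'' {
            value.push(c);
        } else if matches!(chars.peek(), Some((_, '\''))) {
            chars.next(); // doubled quote: one literal quote character
            value.push('\'');
        } else {
            return Some((value, i + 1)); // lone quote: end of literal
        }
    }
    None // unterminated literal
}

/// Number of consecutive quotes at the start of the rendered literal.
fn leading_quotes(rendered: &str) -> usize {
    rendered.chars().take_while(|&c| c == '\'').count()
}

/// True when the rendered literal is consumed whole and decodes to `input`,
/// i.e. nothing from the input is left over to be parsed as SQL.
fn stays_data(input: &str) -> bool {
    let rendered = quote_literal(input);
    read_literal(&rendered) == Some((input.to_string(), rendered.len()))
}

fn main() {
    // Constructed inputs: the README's two-quote value and a one-quote variant.
    for input in ["'' or 1=1; --", "' or 1=1; --"] {
        let rendered = quote_literal(input);
        println!("{:<16} -> {:<22} quotes={} data={}", input, rendered,
                 leading_quotes(&rendered), stays_data(input));
    }
}
```

The two-quote input renders with five leading quotes and the one-quote input with three; in both cases the whole rendered text is a single literal that decodes back to the input.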