/** * Check is sql was injected or not. * @param sql * @return if return true, use this.getSqlInjections() to get detailed information about sql injection. */ public Boolean isInjected(String sql) { Boolean ret = false; this.sqlText = sql; this.sqlParser.SqlText.Text = this.sqlText; this.getSqlInjections().Clear(); int i = this.sqlParser.Parse(); if (i == 0) { ret = ret | isInjected_always_false_condition(); ret = ret | isInjected_always_true_condition(); ret = ret | isInjected_comment_at_the_end_statement(); ret = ret | isInjected_stacking_queries(); ret = ret | isInjected_allowed_statement(); ret = ret | isInjected_union_set(); } else { TSQLInjection s = new TSQLInjection(ESQLInjectionType.syntax_error); s.setDescription(this.sqlParser.ErrorMessages); this.getSqlInjections().Add(s); ret = true; } return(ret); }
private Boolean isInjected_allowed_statement() { Boolean ret = false; if (!this.e_not_in_allowed_statement) { return(false); } for (int j = 0; j < this.sqlParser.SqlStatements.Count(); j++) { if (!this.isAllowedStatement(this.sqlParser.SqlStatements[j].SqlStatementType)) { TSQLInjection s = new TSQLInjection(ESQLInjectionType.not_in_allowed_statement); s.setDescription(this.sqlParser.SqlStatements[j].SqlStatementType.ToString()); this.getSqlInjections().Add(s); ret = ret | true; } ; } return(ret); }