use dbnexus::contains_sql_injection;
#[test]
fn test_stacked_queries_lowercase() {
assert!(
contains_sql_injection("select * from users; drop table users"),
"应该检测到小写的 '; drop table'"
);
assert!(
contains_sql_injection("select * from users; delete from users"),
"应该检测到小写的 '; delete from'"
);
assert!(
contains_sql_injection("select * from users; update users set admin = 1"),
"应该检测到小写的 '; update'"
);
assert!(
contains_sql_injection("select * from users; insert into users values (1, 'hacker')"),
"应该检测到小写的 '; insert'"
);
assert!(
contains_sql_injection("select * from users; truncate table users"),
"应该检测到小写的 '; truncate'"
);
assert!(
contains_sql_injection("select * from users; alter table users add column hacked int"),
"应该检测到小写的 '; alter'"
);
assert!(
contains_sql_injection("select * from users; create table hacked (id int)"),
"应该检测到小写的 '; create'"
);
}
#[test]
fn test_union_injection_lowercase() {
assert!(
contains_sql_injection("select * from users union select * from admin"),
"应该检测到小写的 'union select'"
);
assert!(
contains_sql_injection("select * from users union all select * from admin"),
"应该检测到小写的 'union all select'"
);
assert!(
contains_sql_injection("select * from users union distinct select password from admin"),
"应该检测到小写的 'union distinct select'"
);
}
#[test]
fn test_boolean_blind_lowercase() {
assert!(
contains_sql_injection("select * from users where id = 1 or 1=1"),
"应该检测到小写的 'or 1=1'"
);
assert!(
contains_sql_injection("select * from users where id = 1 or true"),
"应该检测到小写的 'or true'"
);
assert!(
contains_sql_injection("select * from users where id = 1 or false"),
"应该检测到小写的 'or false'"
);
assert!(
contains_sql_injection("select * from users where id = 1 and 1=1"),
"应该检测到小写的 'and 1=1'"
);
assert!(
contains_sql_injection("select * from users where id = 1 and true"),
"应该检测到小写的 'and true'"
);
}
#[test]
fn test_time_blind_lowercase() {
assert!(
contains_sql_injection("select * from users where id = 1 and sleep(5)"),
"应该检测到小写的 'sleep('"
);
assert!(
contains_sql_injection("select * from users where id = 1 and benchmark(10000000,sha1('test'))"),
"应该检测到小写的 'benchmark('"
);
assert!(
contains_sql_injection("select * from users where id = 1 and pg_sleep(5)"),
"应该检测到小写的 'pg_sleep('"
);
assert!(
contains_sql_injection("waitfor delay '0:0:5'"),
"应该检测到小写的 'waitfor delay'"
);
assert!(
contains_sql_injection("waitfor time '12:00:00'"),
"应该检测到小写的 'waitfor time'"
);
}
#[test]
fn test_dynamic_sql_lowercase() {
assert!(
contains_sql_injection("exec('drop table users')"),
"应该检测到小写的 'exec('"
);
assert!(
contains_sql_injection("execute('select * from users')"),
"应该检测到小写的 'execute('"
);
assert!(
contains_sql_injection("sp_executesql n'select * from users'"),
"应该检测到小写的 'sp_executesql'"
);
assert!(
contains_sql_injection("xp_cmdshell 'dir'"),
"应该检测到小写的 'xp_cmdshell'"
);
}
#[test]
fn test_file_operations_lowercase() {
assert!(
contains_sql_injection("select load_file('/etc/passwd')"),
"应该检测到小写的 'load_file('"
);
assert!(
contains_sql_injection("select * from users into outfile '/tmp/users.txt'"),
"应该检测到小写的 'into outfile'"
);
assert!(
contains_sql_injection("select * from users into dumpfile '/tmp/users.txt'"),
"应该检测到小写的 'into dumpfile'"
);
}
#[test]
fn test_info_disclosure_lowercase() {
assert!(
contains_sql_injection("select * from information_schema.tables"),
"应该检测到小写的 'information_schema'"
);
assert!(
contains_sql_injection("select * from sysobjects"),
"应该检测到小写的 'sysobjects'"
);
assert!(
contains_sql_injection("select * from sys.tables"),
"应该检测到小写的 'sys.tables'"
);
assert!(
contains_sql_injection("select * from mysql.user"),
"应该检测到小写的 'mysql.user'"
);
assert!(
contains_sql_injection("select * from pg_user"),
"应该检测到小写的 'pg_user'"
);
assert!(
contains_sql_injection("select * from pg_shadow"),
"应该检测到小写的 'pg_shadow'"
);
}
#[test]
fn test_encoding_bypass_lowercase() {
assert!(
contains_sql_injection("select * from users where name = char(97,100,109,105,110)"),
"应该检测到小写的 'char('"
);
assert!(
contains_sql_injection("select * from users where name = chr(65)"),
"应该检测到小写的 'chr('"
);
assert!(
contains_sql_injection("select * from users where name = concat('ad','min')"),
"应该检测到小写的 'concat('"
);
assert!(
contains_sql_injection("select concat_ws(',', 'a', 'b', 'c')"),
"应该检测到小写的 'concat_ws('"
);
}
#[test]
fn test_comment_injection() {
assert!(
contains_sql_injection("select * from users where id = 1 -- "),
"应该检测到 '-- ' 注释注入"
);
assert!(
contains_sql_injection("select * from users where id = 1 --+"),
"应该检测到 '--+' 注释注入"
);
assert!(
contains_sql_injection("select * from users where id = 1 #"),
"应该检测到 '#' 注释注入"
);
assert!(
contains_sql_injection("select * /* comment */ from users"),
"应该检测到 '/* ' 块注释注入"
);
}
#[test]
fn test_mixed_case_injection() {
assert!(
contains_sql_injection("select * from users UnIoN SeLeCt * from admin"),
"应该检测到混合大小写的 'UnIoN SeLeCt'"
);
assert!(
contains_sql_injection("select * from users; DrOp TaBlE users"),
"应该检测到混合大小写的 '; DrOp TaBlE'"
);
assert!(
contains_sql_injection("select * from InFoRmAtIoN_ScHeMa.TaBlEs"),
"应该检测到混合大小写的 'InFoRmAtIoN_ScHeMa'"
);
assert!(
contains_sql_injection("select * from users where id = 1 and SlEeP(5)"),
"应该检测到混合大小写的 'SlEeP('"
);
}
#[test]
fn test_false_positives_lowercase() {
assert!(
!contains_sql_injection("select id, name from users where id = 1"),
"正常的 SELECT 不应被检测为注入"
);
assert!(
!contains_sql_injection("insert into users (name, email) values ('test', 'test@example.com')"),
"正常的 INSERT 不应被检测为注入"
);
assert!(
!contains_sql_injection("update users set name = 'new_name' where id = 1"),
"正常的 UPDATE 不应被检测为注入"
);
assert!(
!contains_sql_injection("delete from users where id = 1"),
"正常的 DELETE 不应被检测为注入"
);
assert!(
!contains_sql_injection("select u.name, o.order_id from users u join orders o on u.id = o.user_id"),
"正常的 JOIN 不应被检测为注入"
);
}
#[cfg(feature = "sql-parser")]
use dbnexus::{DdlGuard, DdlValidationResult};
#[cfg(feature = "sql-parser")]
#[test]
fn test_ddl_guard_vs_sql_injection() {
let guard = DdlGuard::new();
let result = guard.validate("CREATE TABLE users (id INT PRIMARY KEY)");
assert!(
matches!(result, Ok(DdlValidationResult::Allowed)),
"合法的 CREATE TABLE 应该通过 DDL Guard"
);
let result = guard.validate("DROP TABLE users");
assert!(
matches!(result, Ok(DdlValidationResult::Forbidden(_))),
"DROP TABLE 应该被 DDL Guard 拒绝"
);
}
#[cfg(feature = "sql-parser")]
#[test]
fn test_complete_sql_security_flow() {
let safe_sql = "SELECT * FROM users WHERE id = 1";
assert!(!contains_sql_injection(safe_sql), "安全的 SQL 不应被标记为注入");
let ddl_sql = "CREATE TABLE test_table (id INT)";
let guard = DdlGuard::new();
let result = guard.validate(ddl_sql);
assert!(
matches!(result, Ok(DdlValidationResult::Allowed)),
"合法 DDL 应该通过 DdlGuard"
);
let dangerous_ddl = "DROP DATABASE production";
let result = guard.validate(dangerous_ddl);
assert!(
matches!(result, Ok(DdlValidationResult::Forbidden(_))),
"危险的 DDL 应该被拦截"
);
let injection_sql = "SELECT * FROM users WHERE id = 1 OR 1=1";
assert!(contains_sql_injection(injection_sql), "包含注入模式的 SQL 应该被检测");
}