From 324f489e34501df47fde74e6f934bef38fa3eeb9 Mon Sep 17 00:00:00 2001 From: Hans Ott Date: Mon, 20 Jan 2025 16:32:51 +0100 Subject: [PATCH] Fix comment --- src/sql_injection/detect_sql_injection.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sql_injection/detect_sql_injection.rs b/src/sql_injection/detect_sql_injection.rs index 4e10535..0cc1eba 100644 --- a/src/sql_injection/detect_sql_injection.rs +++ b/src/sql_injection/detect_sql_injection.rs @@ -24,7 +24,7 @@ pub fn detect_sql_injection_str(query: &str, userinput: &str, dialect: i32) -> b if tokens.len() <= 0 { if dialect == 3 && has_multiple_statements(query, dialect) { // Clickhouse does not support multiple statements - // The first statement will still be executed if of the other statements is still valid + // The first statement will still be executed if the other statements are invalid // We'll assume the original query is valid // If the query with user input replaced is valid, we'll assume it's an injection because it created a new statement let query_without_input = replace_user_input_with_safe_str(query, userinput);