diff --git a/integration_tests/test_sql_parameterization.py b/integration_tests/test_sql_parameterization.py index 6e8cd9da..f27063fa 100644 --- a/integration_tests/test_sql_parameterization.py +++ b/integration_tests/test_sql_parameterization.py @@ -11,9 +11,9 @@ class TestSQLQueryParameterization(BaseIntegrationTest): original_code, expected_new_code = original_and_expected_from_code_path( code_path, [ - (7, """ b = " WHERE name =?"\n"""), - (8, """ c = " AND phone = ?"\n"""), - (9, """ r = cursor.execute(a + b + c, (name, phone, ))\n"""), + (9, """ b = " WHERE name =?"\n"""), + (10, """ c = " AND phone = ?"\n"""), + (11, """ r = cursor.execute(a + b + c, (name, phone, ))\n"""), ], ) @@ -21,7 +21,7 @@ class TestSQLQueryParameterization(BaseIntegrationTest): expected_diff =( """--- \n""" """+++ \n""" - """@@ -5,9 +5,9 @@\n""" + """@@ -7,9 +7,9 @@\n""" """ \n""" """ def foo(cursor: sqlite3.Cursor, name: str, phone: str):\n""" """ a = "SELECT * FROM Users"\n""" @@ -36,6 +36,6 @@ class TestSQLQueryParameterization(BaseIntegrationTest): """ \n""") # fmt: on - expected_line_change = "10" + expected_line_change = "12" change_description = SQLQueryParameterization.CHANGE_DESCRIPTION num_changed_files = 1 diff --git a/tests/samples/my_db.db b/tests/samples/my_db.db deleted file mode 100644 index 9a18d911..00000000 Binary files a/tests/samples/my_db.db and /dev/null differ diff --git a/tests/samples/sql_injection.py b/tests/samples/sql_injection.py index 483aa8ee..3ef768ad 100644 --- a/tests/samples/sql_injection.py +++ b/tests/samples/sql_injection.py @@ -1,6 +1,8 @@ import sqlite3 -connection = sqlite3.connect("tests/samples/my_db.db") +connection = sqlite3.connect(":memory:") +connection.cursor().execute("CREATE TABLE Users (name, phone)") +connection.cursor().execute("INSERT INTO Users VALUES ('Jenny','867-5309')") def foo(cursor: sqlite3.Cursor, name: str, phone: str):