From 2df565c84f1a5e8a886797b6cbe9d1ed315c4c3d Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 18 Nov 2024 15:24:33 +0000
Subject: [PATCH] Rust: Add options.yml and sqlx 'query cache' (result of 'sqlx prepare') so that the query test can function.
---
 ...b6da5ed65c28f666a68c4d73a1918f0eaa6f6.json | 32 +++++++++++++++++++
 .../security/CWE-089/SqlInjection.expected | 1 +
 .../CWE-089/{cargo.toml => cargo.toml.manual} | 0
 .../query-tests/security/CWE-089/options.yml | 5 +++
 .../test/query-tests/security/CWE-089/sqlx.rs | 3 +-
 5 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 rust/ql/test/query-tests/security/CWE-089/.sqlx/query-c996a36820ff0b98021fa553b09b6da5ed65c28f666a68c4d73a1918f0eaa6f6.json
 rename rust/ql/test/query-tests/security/CWE-089/{cargo.toml => cargo.toml.manual} (100%)
 create mode 100644 rust/ql/test/query-tests/security/CWE-089/options.yml
diff --git a/rust/ql/test/query-tests/security/CWE-089/.sqlx/query-c996a36820ff0b98021fa553b09b6da5ed65c28f666a68c4d73a1918f0eaa6f6.json b/rust/ql/test/query-tests/security/CWE-089/.sqlx/query-c996a36820ff0b98021fa553b09b6da5ed65c28f666a68c4d73a1918f0eaa6f6.json
new file mode 100644
index 000000000000..a4493e90c37d
--- /dev/null
+++ b/rust/ql/test/query-tests/security/CWE-089/.sqlx/query-c996a36820ff0b98021fa553b09b6da5ed65c28f666a68c4d73a1918f0eaa6f6.json
@@ -0,0 +1,32 @@
+{
+ "db_name": "SQLite",
+ "query": "SELECT * FROM people WHERE firstname=$1",
+ "describe": {
+ "columns": [
+ {
+ "name": "id",
+ "ordinal": 0,
+ "type_info": "Integer"
+ },
+ {
+ "name": "firstname",
+ "ordinal": 1,
+ "type_info": "Text"
+ },
+ {
+ "name": "lastname",
+ "ordinal": 2,
+ "type_info": "Text"
+ }
+ ],
+ "parameters": {
+ "Right": 1
+ },
+ "nullable": [
+ false,
+ false,
+ false
+ ]
+ },
+ "hash": "c996a36820ff0b98021fa553b09b6da5ed65c28f666a68c4d73a1918f0eaa6f6"
+}
diff --git a/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected b/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected
index e69de29bb2d1..f082a67fcf66 100644
--- a/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected
+++ b/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected
@@ -0,0 +1 @@
+| 0 |
diff --git a/rust/ql/test/query-tests/security/CWE-089/cargo.toml b/rust/ql/test/query-tests/security/CWE-089/cargo.toml.manual
similarity index 100%
rename from rust/ql/test/query-tests/security/CWE-089/cargo.toml
rename to rust/ql/test/query-tests/security/CWE-089/cargo.toml.manual
diff --git a/rust/ql/test/query-tests/security/CWE-089/options.yml b/rust/ql/test/query-tests/security/CWE-089/options.yml
new file mode 100644
index 000000000000..24744b7dfb45
--- /dev/null
+++ b/rust/ql/test/query-tests/security/CWE-089/options.yml
@@ -0,0 +1,5 @@
+qltest_cargo_check: true
+qltest_dependencies:
+ - reqwest = { version = "0.12.9", features = ["blocking"] }
+ - sqlx = { version = "0.8", features = ["mysql", "sqlite", "postgres", "runtime-async-std", "tls-native-tls"] }
+ - futures = { version = "0.3" }
diff --git a/rust/ql/test/query-tests/security/CWE-089/sqlx.rs b/rust/ql/test/query-tests/security/CWE-089/sqlx.rs
index bf4cd7a96aec..b5cc25000f99 100644
--- a/rust/ql/test/query-tests/security/CWE-089/sqlx.rs
+++ b/rust/ql/test/query-tests/security/CWE-089/sqlx.rs
@@ -22,8 +22,9 @@ use sqlx::Executor;
 * sqlx migrate run
 * ```
 *
- * Build and run:
+ * Build and run with the provided `cargo.toml.manual`:
 * ```
+ * cp cargo.toml.manual cargo.toml
 * cargo run
 * ```
 *
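Review bot: With `qltest_cargo_check: true` the test now compiles sqlx's checked queries, and nothing in options.yml says that this build relies on the checked-in `.sqlx` directory being used instead of a live database. As far as I know, sqlx only falls back to the cache when `DATABASE_URL` is unset or `SQLX_OFFLINE=true`, so a runner that has `DATABASE_URL` in its environment would presumably try to connect at compile time. I would add a comment at the top of the file, for example `# cargo check relies on the .sqlx query cache; keep DATABASE_URL unset (or set SQLX_OFFLINE=true) in the test environment`. The cache was generated against one sqlx release while `version = "0.8"` is a range and no lockfile is part of this commit, so it may be worth stating which version produced the cache.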
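Review bot: The build instructions in this comment cover the manual `cargo run` path but not the `.sqlx` query cache that this commit checks in. The cache file is named after a hash of the query text, so editing the `SELECT * FROM people WHERE firstname=$1` query would presumably leave a stale entry and break the compile-time check with no hint why. I would add a line after the `cargo run` fence such as ` * If a compile-time checked query changes, re-run cargo sqlx prepare and commit the updated .sqlx directory.` The comment block starts and ends outside the hunk, so this may already be covered in the part not shown.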