From 8081ea9de2035e1fa279a94a356c498118ee67ab Mon Sep 17 00:00:00 2001
From: Varun Sharma <varunsh@stepsecurity.io>
Date: Mon, 15 May 2023 15:53:17 -0700
Subject: [PATCH] Create vulnerable.swift

---
 vulnerable.swift | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 vulnerable.swift

diff --git a/vulnerable.swift b/vulnerable.swift
new file mode 100644
index 0000000..af108eb
--- /dev/null
+++ b/vulnerable.swift
@@ -0,0 +1,35 @@
+import UIKit
+import SQLite3
+
+class SQLInjectionExerciseVC: UIViewController {
+    @IBOutlet weak var searchField: UITextField!
+    
+    @IBAction func search() {
+        let dbPath = URL(fileURLWithPath: Bundle.main.resourcePath ?? "").appendingPathComponent("articles.sqlite").absoluteString
+        var db: OpaquePointer?
+        if sqlite3_open(dbPath, &db) != SQLITE_OK {
+            UIAlertController.showAlertWith(title: "Snap!", message: "Error opening articles database.")
+            return
+        }
+        
+        var searchStr = "%"
+        if !(searchField.text?.isEmpty ?? true) {
+             searchStr = "%" + "\(searchField.text!)" + "%"
+        }
+        
+        let query = "SELECT title FROM article WHERE title LIKE '\(searchStr)' AND premium=0"
+        var stmt: OpaquePointer?
+        sqlite3_prepare_v2(db, query, -1, &stmt, nil)
+        var articleTitles = [String]()
+        while sqlite3_step(stmt) == SQLITE_ROW {
+            let title = String(cString: sqlite3_column_text(stmt, 0))
+            articleTitles.append(title)
+        }
+        sqlite3_finalize(stmt)
+        sqlite3_close(db)
+        
+        let sqlInjectionArticlesVC = SQLInjectionArticlesVC(nibName: "SQLInjectionArticlesVC", bundle: nil)
+        sqlInjectionArticlesVC.articles = articleTitles
+        navigationController?.pushViewController(sqlInjectionArticlesVC, animated: true)
+    }
+}