security warning fixes

patterninc · Nov 5, 2024 · 4277540 · 4277540
1 parent 8aee296
commit 4277540
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/lib/query_helper/sql_parser.rb b/lib/query_helper/sql_parser.rb
@@ -18,8 +18,9 @@ def update(sql)
 
     def remove_comments
       # Remove SQL inline comments (/* */) and line comments (--)
-      @sql = @sql.gsub(%r{/\*.*?\*/}m, '')   # Removes multi-line comments (/* ... */)
-           .gsub(/--[^\n]*$/, '')       # Removes single-line comments (-- ... until end of line)
+      @sql = @sql.gsub(%r{/\*[^/]*?\*/}m, '')  # Removes multi-line comments (/* ... */)
+              .gsub(/--[^\n]*/, '')            # Removes single-line comments (--)
+
       @sql.squish!
     end