Fix false positive on SQLi EOL comments

[Anilm3]

If an injection is within a comment, it can be matched as a false positive if the comment is not the first or last token in the resource. To avoid these false positives, we must ensure that the comment itself was part of the injection and / or more than one token was injected.

Related Jiras: APPSEC-54410

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.51%. Comparing base (87d3e77) to head (35dbe34).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #330   +/-   ##
=======================================
  Coverage   84.50%   84.51%           
=======================================
  Files         144      144           
  Lines        6946     6948    +2     
  Branches     3182     3182           
=======================================
+ Hits         5870     5872    +2     
  Misses        400      400           
  Partials      676      676           

Flag	Coverage Δ
waf_test	84.51% <100.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[pr-commenter]

Benchmarks

Benchmark execution time: 2024-08-02 15:04:24

Comparing candidate commit 00792d1 in PR branch anilm3/fix-sqli-fp with baseline commit 87d3e77 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 1 metrics, 0 unstable metrics.

[Taiki-San]

I don't see any case where is_not_last_token is useful. Unless the test suite complain, I think it may be a Sqreen bug