Added test cases for client-s v2 and v3 sql injection

javascript/ql/test/query-tests/Security/CWE-089/untyped/clients3.js

@@ -0,0 +1,44 @@
+const { S3Client, SelectObjectContentCommand } = require("@aws-sdk/client-s3");
+const AWS = require('aws-sdk');
+const express = require('express');
+const bodyParser = require('body-parser');
+
+const app = express();
+app.use(bodyParser.json());
+
+app.post('/client/v3/execute', async (req, res) => {
+    let maliciousInput = req.body.filter; // $ MISSING: Source
+    const client = new S3Client({ region: "us-east-1" });
+    const params = {
+        Bucket: "my-bucket",
+        Key: "data.csv",
+        ExpressionType: "SQL",
+        Expression: "SELECT * FROM S3Object WHERE " + maliciousInput,
+    };
+    await client.send(new SelectObjectContentCommand(params)); // $ MISSING: Alert
+    res.end();
+});
+
+app.post('/client/v2/execute', async (req, res) => {
+    let maliciousInput = req.body.filter; // $ MISSING: Source
+    const s3 = new AWS.S3({ region: "us-east-1" });
+    const params = {
+        Bucket: "my-bucket",
+        Key: "data.csv",
+        ExpressionType: "SQL",
+        Expression: "SELECT * FROM S3Object WHERE " + maliciousInput, // $ MISSING: Alert
+    };
+    await s3.selectObjectContent(params).promise();
+    res.end();
+
+    const params1 = {
+        Bucket: "my-bucket",
+        Key: "data.csv",
+        ExpressionType: "SQL",
+        Expression: "SELECT * FROM S3Object WHERE " + maliciousInput, // $ MISSING: Alert
+    };
+
+    s3.selectObjectContent(params1, (err, data) => {
+        res.end();
+    });
+});