diff --git a/includes/database/database.inc b/includes/database/database.inc
index 4539b37..e8c2116 100644
--- a/includes/database/database.inc
+++ b/includes/database/database.inc
@@ -541,6 +541,20 @@ abstract class DatabaseConnection extends PDO {
   }
 
   /**
+   * Process a query comment string and ensure it does not include strings that
+   * might terminate the comment early.
+   *
+   * @param $string
+   *   The query comment string.
+   *
+   * @return
+   *   A cleaned up version of the query comment string.
+   */
+  public function filterComment($string = '') {
+    return preg_replace('/(\/\*\s*)|(\s\*\/)/', '', $string);
+  }
+
+  /**
    * Executes a query string against the database.
    *
    * This method provides a central handler for the actual execution of every
diff --git a/includes/database/query.inc b/includes/database/query.inc
index 7f3e9ff..bd0afb8 100644
--- a/includes/database/query.inc
+++ b/includes/database/query.inc
@@ -361,6 +361,9 @@ abstract class Query implements QueryPlaceholderInterface {
    * for easier debugging and allows you to more easily find where a query
    * with a performance problem is being generated.
    *
+   * The comment must be checked for string that might terminated it early,
+   * thereby allowing for SQL injection attacks.
+   *
    * @param $comment
    *   The comment string to be inserted into the query.
    *
@@ -368,7 +371,7 @@ abstract class Query implements QueryPlaceholderInterface {
    *   The called object.
    */
   public function comment($comment) {
-    $this->comments[] = $comment;
+    $this->comments[] = $this->connection->filterComment($comment);
     return $this;
   }
 
diff --git a/modules/simpletest/tests/database_test.test b/modules/simpletest/tests/database_test.test
index 2a086ce..5e2e87f 100644
--- a/modules/simpletest/tests/database_test.test
+++ b/modules/simpletest/tests/database_test.test
@@ -1310,6 +1310,27 @@ class DatabaseSelectTestCase extends DatabaseTestCase {
   }
 
   /**
+   * Test query COMMENT system against vulnerabilities.
+   */
+  function testVulnerableComment() {
+    $query = db_select('test')->comment('Testing query comments */ SELECT nid FROM {node}; --');
+    $name_field = $query->addField('test', 'name');
+    $age_field = $query->addField('test', 'age', 'age');
+    $result = $query->execute();
+
+    $num_records = 0;
+    foreach ($result as $record) {
+      $num_records++;
+    }
+
+    $query = (string)$query;
+    $expected = "/* Testing query comments SELECT nid FROM {node}; -- */ SELECT test.name AS name, test.age AS age\nFROM \n{test} test";
+
+    $this->assertEqual($num_records, 4, t('Returned the correct number of rows.'));
+    $this->assertEqual($query, $expected, t('The flattened query contains the sanitised comment string.'));
+  }
+
+  /**
    * Test basic conditionals on SELECT statements.
    */
   function testSimpleSelectConditional() {