Hmm, are you applying over an already patched code? Try applying over a freshly downloaded sqlbox code tree.
Regards, Alex -- Alejandro Guerrieri [email protected] On 14/06/2010, at 11:46, Emmanuel CHANSON wrote: > Hello Rene, > > Trying to patch gw/sqlbox.c I got this error, is it an issue? > > [r...@kannel gw]# patch -p0 sqlbox.c sql-escape.patch > patching file sqlbox.c > patching file sqlbox.c > Hunk #1 FAILED at 82. > 1 out of 1 hunk FAILED -- saving rejects to file sqlbox.c.rej > patching file sqlbox.c > Reversed (or previously applied) patch detected! Assume -R? [n] n > Apply anyway? [n] y > Hunk #1 FAILED at 252. > Hunk #2 FAILED at 269. > Hunk #3 FAILED at 375. > Hunk #4 FAILED at 398. > 4 out of 4 hunks FAILED -- saving rejects to file sqlbox.c.rej > [r...@kannel gw]# > > > > > [r...@kannel gw]# cat sqlbox.c.rej > Index: sb-config.h.in > --- sb-config.h.in (revision 28) > +++ sb-config.h.in (working copy) > @@ -82,10 +82,6 @@ > /* Define to 1 if you have the <unistd.h> header file. */ > #undef HAVE_UNISTD_H > > -/* Define to the sub-directory in which libtool stores uninstalled libraries. > - */ > -#undef LT_OBJDIR > - > /* Name of package */ > #undef PACKAGE > > Index: gw/sqlbox.c > --- gw/sqlbox.c (revision 28) > +++ gw/sqlbox.c (working copy) > @@ -252,7 +252,7 @@ > static void smsbox_to_bearerbox(void *arg) > { > Boxc *conn = arg; > - Msg *msg; > + Msg *msg, *msg_escaped; > > /* remove messages from socket until it is closed */ > while (sqlbox_status != SQL_DEAD && conn->alive) { > @@ -269,7 +269,9 @@ > if (msg_type(msg) == sms) { > debug("sqlbox", 0, "smsbox_to_bearerbox: sms received"); > > - gw_sql_save_msg(msg, octstr_imm("MT")); > + msg_escaped = msg_duplicate(msg); > + gw_sql_save_msg(msg_escaped, octstr_imm("MT")); > + msg_destroy(msg_escaped); > } > > send_msg(conn->bearerbox_connection, conn, msg); > @@ -375,7 +377,7 @@ > > static void bearerbox_to_smsbox(void *arg) > { > - Msg *msg; > + Msg *msg, *msg_escaped; > Boxc *conn = arg; > > while (sqlbox_status != SQL_DEAD && conn->alive) { > @@ -398,10 +400,12 @@ > break; > } > if ((msg_type(msg) == sms) && > (strcmp(octstr_get_cstr(msg->sms.msgdata),"ACK/") != 0)) { > + msg_escaped = msg_duplicate(msg); > if (msg->sms.sms_type != report_mo) > - gw_sql_save_msg(msg, octstr_imm("MO")); > + gw_sql_save_msg(msg_escaped, octstr_imm("MO")); > else > - gw_sql_save_msg(msg, octstr_imm("DLR")); > + gw_sql_save_msg(msg_escaped, octstr_imm("DLR")); > + msg_destroy(msg_escaped); > } > send_msg(conn->smsbox_connection, conn, msg); > msg_destroy(msg); > [r...@kannel gw]# > > Regards, > > Emmanuel > > > > 2010/6/13 Rene Kluwen <[email protected]> > msg_duplicate is the normal function from msg.h. No special meaning. > > What happens is that gw_sql_save has a side effect. It escapes all text > strings with a backslash before the "'" sign because it displays them in the > INSERT INTO... statement in the database. > When I designed the function I was under the impression that it escaped the > strings in a copy... But apparently it doesn't. > > What happens in the "old" version is that gw_sql_save_msg escapes the > strings inline and later it does a "send_msg(conn->smsbox_connection, conn, > msg)" with the same message... which has a backslash in front of the "'". > > By duplicating the message before calling the gw_sql_save_msg, this behavior > is eliminated. > > Someone on the mailinglist (Tomasz) has already confirmed that the problem > has been solved with this patch. > > == Rene > > > > -----Original Message----- > From: Alejandro Guerrieri [mailto:[email protected]] > Sent: vrijdag 11 juni 2010 23:52 > To: Rene Kluwen > Cc: 'Tomasz'; 'Kannel list'; [email protected] > Subject: Re: [PATCH] RE: Messages with php stripslashes > > + msg_escaped = msg_duplicate(msg); > if (msg->sms.sms_type != report_mo) > - gw_sql_save_msg(msg, octstr_imm("MO")); > + gw_sql_save_msg(msg_escaped, octstr_imm("MO")); > else > - gw_sql_save_msg(msg, octstr_imm("DLR")); > + gw_sql_save_msg(msg_escaped, octstr_imm("DLR")); > + msg_destroy(msg_escaped); > > and > > - gw_sql_save_msg(msg, octstr_imm("MT")); > + msg_escaped = msg_duplicate(msg); > + gw_sql_save_msg(msg_escaped, octstr_imm("MT")); > + msg_destroy(msg_escaped); > > (and other similar lines) > > You're duplicating the msg to msg_escaped and then running the same > gw_sql_save_msg function? What difference does it make? > > Or maybe msg_duplicate does some escaping magic I'm not aware of? If > msg_duplicate does what the name says, I don't see what's changed. > > Regards, > > Alex > -- > Alejandro Guerrieri > [email protected] > > > > On 11/06/2010, at 23:25, Rene Kluwen wrote: > > > Sorry for crossposting. But I think the users are allowed to know what is > > going on, even if this is a developers matter. > > > > I think I found the solution to the problem below, which affects all > > smsbox->sqlbox->bearerbox users. > > > > I must admit: Haven't tested it yet. But it should work. > > > > See attached patch. Votes? > > > > > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] On Behalf > > Of Tomasz > > Sent: vrijdag 11 juni 2010 15:10 > > To: Kannel list > > Subject: Re: Messages with php stripslashes > > > > Hi, > > > > I've got the same issue - when we send MT message by CGI which > > contains ' sign, the recipient gets \' (escaped '). When we inject MT > > directly to MySQL Database, recipient get only ' sing (valid!). > > > > Our configuration is: > > > > PHP MT PUSH - SMSBOX - SQLBOX - BEARERBOX - SMSC > > > > The problem is caused probably by SQLBOX - somewhere there must be > > some kind of addslashes function. Escaped sign is being delivered to > > BEARERBOX. I've tried to find this is source code but I was unable. > > > > Have someone fixed this problem yet? > > > > Thanks > > Tomasz > > > > W Twoim liście datowanym 24 maja 2010 (02:05:22) można przeczytać: > > > >> I have posted some weeks ago a similar issue with sqlbox but it is not > >> resolved for the moment, Alejandro to check on his side to reproduce the > >> issue. > > > >> Check my post in the mailling list archive to see if it the same problem: > > > >> Object: *Quote and backslash issue* > > > >> As you when using CGI interface to send a SMS I got the quote escaped on > > the > >> mobile, BUT when using directly SQL injection on sqlbox it works > > correctly. > > > >> Regards, > > > >> Emmanuel > > > > > > > > <sql-escape.patch> > > > > > > > > -- > Emmanuel > > CHANSON Emmanuel > Mobile Nouvelle-Calédonie: +687.77.35.02 > Mobile France: +33 (0) 6.68.03.89.56 > @email : [email protected]
