Hi,
Try to use -R option with path or press "y" when "Assume -R? [n]"
displays.
Regards,
Tomasz
W Twoim liście datowanym 14 czerwca 2010 (11:46:40) można przeczytać:
> Hello Rene,
> Trying to patch gw/sqlbox.c I got this error, is it an issue?
> [r...@kannel gw]# patch -p0 sqlbox.c sql-escape.patch
> patching file sqlbox.c
> patching file sqlbox.c
> Hunk #1 FAILED at 82.
> 1 out of 1 hunk FAILED -- saving rejects to file sqlbox.c.rej
> patching file sqlbox.c
> Reversed (or previously applied) patch detected! Assume -R? [n] n
> Apply anyway? [n] y
> Hunk #1 FAILED at 252.
> Hunk #2 FAILED at 269.
> Hunk #3 FAILED at 375.
> Hunk #4 FAILED at 398.
> 4 out of 4 hunks FAILED -- saving rejects to file sqlbox.c.rej
> [r...@kannel gw]#
> [r...@kannel gw]# cat sqlbox.c.rej
> Index: sb-config.h.in
> --- sb-config.h.in (revision 28)
> +++ sb-config.h.in (working copy)
> @@ -82,10 +82,6 @@
> /* Define to 1 if you have the <unistd.h> header file. */
> #undef HAVE_UNISTD_H
> -/* Define to the sub-directory in which libtool stores uninstalled
> libraries.
> - */
> -#undef LT_OBJDIR
> -
> /* Name of package */
> #undef PACKAGE
> Index: gw/sqlbox.c
> --- gw/sqlbox.c (revision 28)
> +++ gw/sqlbox.c (working copy)
> @@ -252,7 +252,7 @@
> static void smsbox_to_bearerbox(void *arg)
> {
> Boxc *conn = arg;
> - Msg *msg;
> + Msg *msg, *msg_escaped;
> /* remove messages from socket until it is closed */
> while (sqlbox_status != SQL_DEAD && conn->alive) {
> @@ -269,7 +269,9 @@
> if (msg_type(msg) == sms) {
> debug("sqlbox", 0, "smsbox_to_bearerbox: sms received");
> - gw_sql_save_msg(msg, octstr_imm("MT"));
> + msg_escaped = msg_duplicate(msg);
> + gw_sql_save_msg(msg_escaped, octstr_imm("MT"));
> + msg_destroy(msg_escaped);
> }
> send_msg(conn->bearerbox_connection, conn, msg);
> @@ -375,7 +377,7 @@
> static void bearerbox_to_smsbox(void *arg)
> {
> - Msg *msg;
> + Msg *msg, *msg_escaped;
> Boxc *conn = arg;
> while (sqlbox_status != SQL_DEAD && conn->alive) {
> @@ -398,10 +400,12 @@
> break;
> }
> if ((msg_type(msg) == sms) &&
> (strcmp(octstr_get_cstr(msg->sms.msgdata),"ACK/") != 0)) {
> + msg_escaped = msg_duplicate(msg);
> if (msg->sms.sms_type != report_mo)
> - gw_sql_save_msg(msg, octstr_imm("MO"));
> + gw_sql_save_msg(msg_escaped, octstr_imm("MO"));
> else
> - gw_sql_save_msg(msg, octstr_imm("DLR"));
> + gw_sql_save_msg(msg_escaped, octstr_imm("DLR"));
> + msg_destroy(msg_escaped);
> }
> send_msg(conn->smsbox_connection, conn, msg);
> msg_destroy(msg);
> [r...@kannel gw]#
> Regards,
> Emmanuel
> 2010/6/13 Rene Kluwen <[email protected]>
>> msg_duplicate is the normal function from msg.h. No special meaning.
>>
>> What happens is that gw_sql_save has a side effect. It escapes all text
>> strings with a backslash before the "'" sign because it displays them in
>> the
>> INSERT INTO... statement in the database.
>> When I designed the function I was under the impression that it escaped the
>> strings in a copy... But apparently it doesn't.
>>
>> What happens in the "old" version is that gw_sql_save_msg escapes the
>> strings inline and later it does a "send_msg(conn->smsbox_connection, conn,
>> msg)" with the same message... which has a backslash in front of the "'".
>>
>> By duplicating the message before calling the gw_sql_save_msg, this
>> behavior
>> is eliminated.
>>
>> Someone on the mailinglist (Tomasz) has already confirmed that the problem
>> has been solved with this patch.
>>
>> == Rene
>>
>>
>>
>> -----Original Message-----
>> From: Alejandro Guerrieri [mailto:[email protected]]
>> Sent: vrijdag 11 juni 2010 23:52
>> To: Rene Kluwen
>> Cc: 'Tomasz'; 'Kannel list'; [email protected]
>> Subject: Re: [PATCH] RE: Messages with php stripslashes
>>
>> + msg_escaped = msg_duplicate(msg);
>> if (msg->sms.sms_type != report_mo)
>> - gw_sql_save_msg(msg, octstr_imm("MO"));
>> + gw_sql_save_msg(msg_escaped, octstr_imm("MO"));
>> else
>> - gw_sql_save_msg(msg, octstr_imm("DLR"));
>> + gw_sql_save_msg(msg_escaped, octstr_imm("DLR"));
>> + msg_destroy(msg_escaped);
>>
>> and
>>
>> - gw_sql_save_msg(msg, octstr_imm("MT"));
>> + msg_escaped = msg_duplicate(msg);
>> + gw_sql_save_msg(msg_escaped, octstr_imm("MT"));
>> + msg_destroy(msg_escaped);
>>
>> (and other similar lines)
>>
>> You're duplicating the msg to msg_escaped and then running the same
>> gw_sql_save_msg function? What difference does it make?
>>
>> Or maybe msg_duplicate does some escaping magic I'm not aware of? If
>> msg_duplicate does what the name says, I don't see what's changed.
>>
>> Regards,
>>
>> Alex
>> --
>> Alejandro Guerrieri
>> [email protected]
>>
>>
>>
>> On 11/06/2010, at 23:25, Rene Kluwen wrote:
>>
>> > Sorry for crossposting. But I think the users are allowed to know what is
>> > going on, even if this is a developers matter.
>> >
>> > I think I found the solution to the problem below, which affects all
>> > smsbox->sqlbox->bearerbox users.
>> >
>> > I must admit: Haven't tested it yet. But it should work.
>> >
>> > See attached patch. Votes?
>> >
>> >
>> > -----Original Message-----
>> > From: [email protected] [mailto:[email protected]] On
>> Behalf
>> > Of Tomasz
>> > Sent: vrijdag 11 juni 2010 15:10
>> > To: Kannel list
>> > Subject: Re: Messages with php stripslashes
>> >
>> > Hi,
>> >
>> > I've got the same issue - when we send MT message by CGI which
>> > contains ' sign, the recipient gets \' (escaped '). When we inject MT
>> > directly to MySQL Database, recipient get only ' sing (valid!).
>> >
>> > Our configuration is:
>> >
>> > PHP MT PUSH - SMSBOX - SQLBOX - BEARERBOX - SMSC
>> >
>> > The problem is caused probably by SQLBOX - somewhere there must be
>> > some kind of addslashes function. Escaped sign is being delivered to
>> > BEARERBOX. I've tried to find this is source code but I was unable.
>> >
>> > Have someone fixed this problem yet?
>> >
>> > Thanks
>> > Tomasz
>> >
>> > W Twoim liście datowanym 24 maja 2010 (02:05:22) można przeczytać:
>> >
>> >> I have posted some weeks ago a similar issue with sqlbox but it is not
>> >> resolved for the moment, Alejandro to check on his side to reproduce the
>> >> issue.
>> >
>> >> Check my post in the mailling list archive to see if it the same
>> problem:
>> >
>> >> Object: *Quote and backslash issue*
>> >
>> >> As you when using CGI interface to send a SMS I got the quote escaped on
>> > the
>> >> mobile, BUT when using directly SQL injection on sqlbox it works
>> > correctly.
>> >
>> >> Regards,
>> >
>> >> Emmanuel
>> >
>> >
>> >
>> > <sql-escape.patch>
