Bugs item #2048361, was opened at 2008-08-12 20:38
Message generated for change (Comment added) made by mhoenicka
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=379806&aid=2048361&group_id=23824

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
>Status: Closed
Priority: 5
Private: No
Submitted By: Alexander Amelkin (spirit-rc)
Assigned to: Nobody/Anonymous (nobody)
Summary: dbi_conn_quote_string* functions do not escape quotes

Initial Comment:
This code:
----------------------
#include <stdio.h>
#include <dbi/dbi.h>

char *username="buggyrequest\" and something bad \"";
char *username2;

... /* dbi_conn conn is created and connected here (omitted in the report) */

dbi_conn_quote_string_copy(conn, username, &username2);
printf("Username: %s\n", username2);  /* username2 argument was missing in the report */
----------------------

Results in the following printout:

----------------------
Username: "buggyrequest" and something bad ""
----------------------

Thus, the resulting username2 string can't actually be used in a call like

dbi_conn_queryf(conn, "select * from users where username=%s", username2);

and will lead to injection of malicious SQL code if the original username
is supplied by the user.


----------------------------------------------------------------------
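As an added example (not libdbi's or the reporter's code), here is a reference quoting routine that does what the report expects of dbi_conn_quote_string_copy, plus a check that flags output like the one shown above, the kind of regression test a driver could ship. Doubling the delimiter is an assumed escaping style; the actual driver may use a different one.

```c
/* Added example, not libdbi code. Escaping by doubling the delimiter
 * (standard SQL style) is an assumption; drivers may use backslashes. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Wrap s in delim and double every embedded delim. Returns a malloc'd
 * string (caller frees) or NULL on allocation failure. */
char *quote_sql_string(const char *s, char delim) {
    size_t n = strlen(s), extra = 0;
    for (size_t i = 0; i < n; i++)
        if (s[i] == delim) extra++;
    char *out = malloc(n + extra + 3);  /* two delimiters + NUL */
    if (!out) return NULL;
    char *p = out;
    *p++ = delim;
    for (size_t i = 0; i < n; i++) {
        if (s[i] == delim) *p++ = delim;  /* escape by doubling */
        *p++ = s[i];
    }
    *p++ = delim;
    *p = '\0';
    return out;
}

/* Regression check: a quoted literal must start and end with delim, and
 * every interior delim must belong to a doubled pair. Returns 1 if so. */
int is_well_quoted(const char *q, char delim) {
    size_t n = strlen(q);
    if (n < 2 || q[0] != delim || q[n - 1] != delim) return 0;
    for (size_t i = 1; i < n - 1; i++) {
        if (q[i] == delim) {
            if (i + 1 >= n - 1 || q[i + 1] != delim) return 0;  /* lone delim */
            i++;                                                /* skip pair */
        }
    }
    return 1;
}

int main(void) {
    const char *username = "buggyrequest\" and something bad \"";   /* from the report */
    const char *reported = "\"buggyrequest\" and something bad \"\"";  /* reported output */
    char *fixed = quote_sql_string(username, '"');
    printf("reported output well-quoted: %d\n", is_well_quoted(reported, '"'));
    printf("reference output: %s (well-quoted: %d)\n", fixed, is_well_quoted(fixed, '"'));
    free(fixed);
    return 0;
}
```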

>Comment By: Markus Hoenicka (mhoenicka)
Date: 2008-08-13 12:22

Message:
Logged In: YES 
user_id=85809
Originator: NO

Thanks for moving the bug report to libdbi-drivers.

----------------------------------------------------------------------

Comment By: Alexander Amelkin (spirit-rc)
Date: 2008-08-13 10:41

Message:
Logged In: YES 
user_id=412567
Originator: YES

Bug #2049266 has been created for this issue in libdbi-drivers.

----------------------------------------------------------------------

Comment By: Markus Hoenicka (mhoenicka)
Date: 2008-08-13 08:47

Message:
Logged In: YES 
user_id=85809
Originator: NO

Quoting is handled by each driver individually, as the database engines
support different escaping and quoting rules. In order to follow up on this
we need to know which drivers are affected. Could you please file a similar
bug report at libdbi-drivers (not libdbi) mentioning the affected drivers?
I'll then close this item here.

----------------------------------------------------------------------


_______________________________________________
libdbi-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libdbi-devel
