https://bugs.documentfoundation.org/show_bug.cgi?id=120310
Bug ID: 120310
Summary: Input sanitisation not working
Product: LibreOffice
Version: 6.0.6.2 release
Hardware: x86-64 (AMD64)
OS: Windows (All)
Status: UNCONFIRMED
Severity: normal
Priority: medium
Component: Base
Assignee: [email protected]
Reporter: [email protected]
Description:
Double and single quotes in field names for Base are neither removed nor
sanitised - they give generic fail messages, where it is clear from the fail
message that the quotes are preserved incorrectly. I would class this is as a
severe SEVERE error.
Steps to Reproduce:
1. Put a single or double quote into a field name in Base (only one so it
fails)
2. Try to save the table
3. Look at the quotes in the resulting error message
4. (Reason for putting only one - if more than one, it may succeed incorrectly
and do Very Bad Things)
Actual Results:
Fail at best, incorrect table creation at medium, and significant security hole
at worst, depending on backend implementation
Expected Results:
Input sanitisation or quotification
Reproducible: Always
User Profile Reset: No
Additional Info:
This should be considered an extremely serious bug, as depending on backend
implementation, it could be exploited to leak info or worse.
--
You are receiving this mail because:
You are the assignee for the bug._______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
