Fossil SCM
Inititial draft of an attempt to intercept certain SQL injection attacks recently seen made against fossil repos. Its effect can be seen by visiting: /vdiff?from=trunk&to=trunk&w=drop
Commit
61a608a2df267d203f6755b5bd19bce7537cefecea3222d9b775471fb698e954
Parent
391526232e91d65…
3 files changed
+54
-7
+8
-8
+18
+54
-7
| --- src/cgi.c | ||
| +++ src/cgi.c | ||
| @@ -94,17 +94,19 @@ | ||
| 94 | 94 | /* |
| 95 | 95 | ** Shortcuts for cgi_parameter. P("x") returns the value of query parameter |
| 96 | 96 | ** or cookie "x", or NULL if there is no such parameter or cookie. PD("x","y") |
| 97 | 97 | ** does the same except "y" is returned in place of NULL if there is not match. |
| 98 | 98 | */ |
| 99 | -#define P(x) cgi_parameter((x),0) | |
| 100 | -#define PD(x,y) cgi_parameter((x),(y)) | |
| 101 | -#define PT(x) cgi_parameter_trimmed((x),0) | |
| 102 | -#define PDT(x,y) cgi_parameter_trimmed((x),(y)) | |
| 103 | -#define PB(x) cgi_parameter_boolean(x) | |
| 104 | -#define PCK(x) cgi_parameter_checked(x,1) | |
| 105 | -#define PIF(x,y) cgi_parameter_checked(x,y) | |
| 99 | +#define P(x) cgi_parameter((x),0) | |
| 100 | +#define PD(x,y) cgi_parameter((x),(y)) | |
| 101 | +#define PT(x) cgi_parameter_trimmed((x),0) | |
| 102 | +#define PDT(x,y) cgi_parameter_trimmed((x),(y)) | |
| 103 | +#define PB(x) cgi_parameter_boolean(x) | |
| 104 | +#define PCK(x) cgi_parameter_checked(x,1) | |
| 105 | +#define PIF(x,y) cgi_parameter_checked(x,y) | |
| 106 | +#define P_NoSQL(x) cgi_parameter_nosql((x),0) | |
| 107 | +#define PD_NoSQL(x,y) cgi_parameter_nosql((x),(y)) | |
| 106 | 108 | |
| 107 | 109 | /* |
| 108 | 110 | ** Shortcut for the cgi_printf() routine. Instead of using the |
| 109 | 111 | ** |
| 110 | 112 | ** @ ... |
| @@ -1504,10 +1506,55 @@ | ||
| 1504 | 1506 | } |
| 1505 | 1507 | } |
| 1506 | 1508 | CGIDEBUG(("no-match [%s]\n", zName)); |
| 1507 | 1509 | return zDefault; |
| 1508 | 1510 | } |
| 1511 | + | |
| 1512 | +/* | |
| 1513 | +** Renders the "begone, spider" page and exists. | |
| 1514 | +*/ | |
| 1515 | +static void cgi_begone_spider(void){ | |
| 1516 | + Blob content = empty_blob; | |
| 1517 | + | |
| 1518 | + cgi_set_content(&content); | |
| 1519 | + style_set_current_feature("test"); | |
| 1520 | + style_header("Spider Detected"); | |
| 1521 | + @ <h2>Begone, Spider!</h2> | |
| 1522 | + @ <p>This page was generated because Fossil believes it has | |
| 1523 | + @ detected a spider-based attack. If you believe you are seeing | |
| 1524 | + @ this in error, please contact us on the forum: https://fossil-scm.org/forum | |
| 1525 | + style_finish_page(); | |
| 1526 | + cgi_set_status(404,"Spider Detected"); | |
| 1527 | + cgi_reply(); | |
| 1528 | + exit(0); | |
| 1529 | +} | |
| 1530 | + | |
| 1531 | +/* | |
| 1532 | +** If might_be_sql() returns true for the given string, calls | |
| 1533 | +** cgi_begin_spider() and does not return, else this function has no | |
| 1534 | +** side effects. The range of checks performed by this function may | |
| 1535 | +** be extended in the future. | |
| 1536 | +*/ | |
| 1537 | +void cgi_value_spider_check(const char *zTxt){ | |
| 1538 | + if( might_be_sql(zTxt) ){ | |
| 1539 | + cgi_begone_spider(); | |
| 1540 | + } | |
| 1541 | +} | |
| 1542 | + | |
| 1543 | +/* | |
| 1544 | +** A variant of cgi_parameter() with the same semantics except that if | |
| 1545 | +** the fetched value fails the might_be_sql() test then it calls | |
| 1546 | +** cgi_begone_spider() and does not return. | |
| 1547 | +*/ | |
| 1548 | +const char *cgi_parameter_nosql(const char *zName, const char *zDefault){ | |
| 1549 | + const char *zTxt = cgi_parameter(zName, zDefault); | |
| 1550 | + | |
| 1551 | + if( zTxt!=zDefault ){ | |
| 1552 | + cgi_value_spider_check(zTxt); | |
| 1553 | + } | |
| 1554 | + return zTxt; | |
| 1555 | +} | |
| 1509 | 1556 | |
| 1510 | 1557 | /* |
| 1511 | 1558 | ** Return the value of the first defined query parameter or cookie whose |
| 1512 | 1559 | ** name appears in the list of arguments. Or if no parameter is found, |
| 1513 | 1560 | ** return NULL. |
| 1514 | 1561 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -94,17 +94,19 @@ | |
| 94 | /* |
| 95 | ** Shortcuts for cgi_parameter. P("x") returns the value of query parameter |
| 96 | ** or cookie "x", or NULL if there is no such parameter or cookie. PD("x","y") |
| 97 | ** does the same except "y" is returned in place of NULL if there is not match. |
| 98 | */ |
| 99 | #define P(x) cgi_parameter((x),0) |
| 100 | #define PD(x,y) cgi_parameter((x),(y)) |
| 101 | #define PT(x) cgi_parameter_trimmed((x),0) |
| 102 | #define PDT(x,y) cgi_parameter_trimmed((x),(y)) |
| 103 | #define PB(x) cgi_parameter_boolean(x) |
| 104 | #define PCK(x) cgi_parameter_checked(x,1) |
| 105 | #define PIF(x,y) cgi_parameter_checked(x,y) |
| 106 | |
| 107 | /* |
| 108 | ** Shortcut for the cgi_printf() routine. Instead of using the |
| 109 | ** |
| 110 | ** @ ... |
| @@ -1504,10 +1506,55 @@ | |
| 1504 | } |
| 1505 | } |
| 1506 | CGIDEBUG(("no-match [%s]\n", zName)); |
| 1507 | return zDefault; |
| 1508 | } |
| 1509 | |
| 1510 | /* |
| 1511 | ** Return the value of the first defined query parameter or cookie whose |
| 1512 | ** name appears in the list of arguments. Or if no parameter is found, |
| 1513 | ** return NULL. |
| 1514 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -94,17 +94,19 @@ | |
| 94 | /* |
| 95 | ** Shortcuts for cgi_parameter. P("x") returns the value of query parameter |
| 96 | ** or cookie "x", or NULL if there is no such parameter or cookie. PD("x","y") |
| 97 | ** does the same except "y" is returned in place of NULL if there is not match. |
| 98 | */ |
| 99 | #define P(x) cgi_parameter((x),0) |
| 100 | #define PD(x,y) cgi_parameter((x),(y)) |
| 101 | #define PT(x) cgi_parameter_trimmed((x),0) |
| 102 | #define PDT(x,y) cgi_parameter_trimmed((x),(y)) |
| 103 | #define PB(x) cgi_parameter_boolean(x) |
| 104 | #define PCK(x) cgi_parameter_checked(x,1) |
| 105 | #define PIF(x,y) cgi_parameter_checked(x,y) |
| 106 | #define P_NoSQL(x) cgi_parameter_nosql((x),0) |
| 107 | #define PD_NoSQL(x,y) cgi_parameter_nosql((x),(y)) |
| 108 | |
| 109 | /* |
| 110 | ** Shortcut for the cgi_printf() routine. Instead of using the |
| 111 | ** |
| 112 | ** @ ... |
| @@ -1504,10 +1506,55 @@ | |
| 1506 | } |
| 1507 | } |
| 1508 | CGIDEBUG(("no-match [%s]\n", zName)); |
| 1509 | return zDefault; |
| 1510 | } |
| 1511 | |
| 1512 | /* |
| 1513 | ** Renders the "begone, spider" page and exists. |
| 1514 | */ |
| 1515 | static void cgi_begone_spider(void){ |
| 1516 | Blob content = empty_blob; |
| 1517 | |
| 1518 | cgi_set_content(&content); |
| 1519 | style_set_current_feature("test"); |
| 1520 | style_header("Spider Detected"); |
| 1521 | @ <h2>Begone, Spider!</h2> |
| 1522 | @ <p>This page was generated because Fossil believes it has |
| 1523 | @ detected a spider-based attack. If you believe you are seeing |
| 1524 | @ this in error, please contact us on the forum: https://fossil-scm.org/forum |
| 1525 | style_finish_page(); |
| 1526 | cgi_set_status(404,"Spider Detected"); |
| 1527 | cgi_reply(); |
| 1528 | exit(0); |
| 1529 | } |
| 1530 | |
| 1531 | /* |
| 1532 | ** If might_be_sql() returns true for the given string, calls |
| 1533 | ** cgi_begin_spider() and does not return, else this function has no |
| 1534 | ** side effects. The range of checks performed by this function may |
| 1535 | ** be extended in the future. |
| 1536 | */ |
| 1537 | void cgi_value_spider_check(const char *zTxt){ |
| 1538 | if( might_be_sql(zTxt) ){ |
| 1539 | cgi_begone_spider(); |
| 1540 | } |
| 1541 | } |
| 1542 | |
| 1543 | /* |
| 1544 | ** A variant of cgi_parameter() with the same semantics except that if |
| 1545 | ** the fetched value fails the might_be_sql() test then it calls |
| 1546 | ** cgi_begone_spider() and does not return. |
| 1547 | */ |
| 1548 | const char *cgi_parameter_nosql(const char *zName, const char *zDefault){ |
| 1549 | const char *zTxt = cgi_parameter(zName, zDefault); |
| 1550 | |
| 1551 | if( zTxt!=zDefault ){ |
| 1552 | cgi_value_spider_check(zTxt); |
| 1553 | } |
| 1554 | return zTxt; |
| 1555 | } |
| 1556 | |
| 1557 | /* |
| 1558 | ** Return the value of the first defined query parameter or cookie whose |
| 1559 | ** name appears in the list of arguments. Or if no parameter is found, |
| 1560 | ** return NULL. |
| 1561 |
+8
-8
| --- src/info.c | ||
| +++ src/info.c | ||
| @@ -453,12 +453,12 @@ | ||
| 453 | 453 | DiffConfig *construct_diff_flags(int diffType, DiffConfig *pCfg){ |
| 454 | 454 | u64 diffFlags = 0; /* Zero means do not show any diff */ |
| 455 | 455 | if( diffType>0 ){ |
| 456 | 456 | int x; |
| 457 | 457 | if( diffType==2 ) diffFlags = DIFF_SIDEBYSIDE; |
| 458 | - if( P("w") ) diffFlags |= DIFF_IGNORE_ALLWS; | |
| 459 | - if( PD("noopt",0)!=0 ) diffFlags |= DIFF_NOOPT; | |
| 458 | + if( P_NoSQL("w") ) diffFlags |= DIFF_IGNORE_ALLWS; | |
| 459 | + if( PD_NoSQL("noopt",0)!=0 ) diffFlags |= DIFF_NOOPT; | |
| 460 | 460 | diffFlags |= DIFF_STRIP_EOLCR; |
| 461 | 461 | diff_config_init(pCfg, diffFlags); |
| 462 | 462 | |
| 463 | 463 | /* "dc" query parameter determines lines of context */ |
| 464 | 464 | x = atoi(PD("dc","7")); |
| @@ -869,15 +869,15 @@ | ||
| 869 | 869 | style_header("Check-in Information"); |
| 870 | 870 | login_anonymous_available(); |
| 871 | 871 | } |
| 872 | 872 | db_finalize(&q1); |
| 873 | 873 | @ </div> |
| 874 | - builtin_request_js("accordion.js"); | |
| 874 | + builtin_request_js("accordion.js"); | |
| 875 | 875 | if( !PB("nowiki") ){ |
| 876 | 876 | wiki_render_associated("checkin", zUuid, 0); |
| 877 | 877 | } |
| 878 | - render_backlink_graph(zUuid, | |
| 878 | + render_backlink_graph(zUuid, | |
| 879 | 879 | "<div class=\"section accordion\">References</div>\n"); |
| 880 | 880 | @ <div class="section accordion">Context</div><div class="accordion_panel"> |
| 881 | 881 | render_checkin_context(rid, 0, 0, 0); |
| 882 | 882 | @ </div><div class="section accordion">Changes</div> |
| 883 | 883 | @ <div class="accordion_panel"> |
| @@ -1211,12 +1211,12 @@ | ||
| 1211 | 1211 | pTo = vdiff_parse_manifest("to", &ridTo); |
| 1212 | 1212 | if( pTo==0 ) return; |
| 1213 | 1213 | pFrom = vdiff_parse_manifest("from", &ridFrom); |
| 1214 | 1214 | if( pFrom==0 ) return; |
| 1215 | 1215 | zGlob = P("glob"); |
| 1216 | - zFrom = P("from"); | |
| 1217 | - zTo = P("to"); | |
| 1216 | + zFrom = P_NoSQL("from"); | |
| 1217 | + zTo = P_NoSQL("to"); | |
| 1218 | 1218 | if( bInvert ){ |
| 1219 | 1219 | Manifest *pTemp = pTo; |
| 1220 | 1220 | const char *zTemp = zTo; |
| 1221 | 1221 | pTo = pFrom; |
| 1222 | 1222 | pFrom = pTemp; |
| @@ -2494,11 +2494,11 @@ | ||
| 2494 | 2494 | zCI = fossil_strdup(db_column_text(&q, 1)); |
| 2495 | 2495 | zCIUuid = fossil_strdup(zCI); |
| 2496 | 2496 | url_add_parameter(&url, "ci", zCI); |
| 2497 | 2497 | } |
| 2498 | 2498 | db_finalize(&q); |
| 2499 | - if( rid==0 ){ | |
| 2499 | + if( rid==0 ){ | |
| 2500 | 2500 | style_header("No such file"); |
| 2501 | 2501 | @ File '%h(zName)' does not exist in this repository. |
| 2502 | 2502 | } |
| 2503 | 2503 | }else{ |
| 2504 | 2504 | style_header("No such artifact"); |
| @@ -3685,11 +3685,11 @@ | ||
| 3685 | 3685 | } |
| 3686 | 3686 | db_finalize(&q); |
| 3687 | 3687 | } |
| 3688 | 3688 | |
| 3689 | 3689 | #if INTERFACE |
| 3690 | -/* | |
| 3690 | +/* | |
| 3691 | 3691 | ** Description of a check-in relative to an earlier, tagged check-in. |
| 3692 | 3692 | */ |
| 3693 | 3693 | typedef struct CommitDescr { |
| 3694 | 3694 | char *zRelTagname; /* Tag name on the relative check-in */ |
| 3695 | 3695 | int nCommitsSince; /* Number of commits since then */ |
| 3696 | 3696 |
| --- src/info.c | |
| +++ src/info.c | |
| @@ -453,12 +453,12 @@ | |
| 453 | DiffConfig *construct_diff_flags(int diffType, DiffConfig *pCfg){ |
| 454 | u64 diffFlags = 0; /* Zero means do not show any diff */ |
| 455 | if( diffType>0 ){ |
| 456 | int x; |
| 457 | if( diffType==2 ) diffFlags = DIFF_SIDEBYSIDE; |
| 458 | if( P("w") ) diffFlags |= DIFF_IGNORE_ALLWS; |
| 459 | if( PD("noopt",0)!=0 ) diffFlags |= DIFF_NOOPT; |
| 460 | diffFlags |= DIFF_STRIP_EOLCR; |
| 461 | diff_config_init(pCfg, diffFlags); |
| 462 | |
| 463 | /* "dc" query parameter determines lines of context */ |
| 464 | x = atoi(PD("dc","7")); |
| @@ -869,15 +869,15 @@ | |
| 869 | style_header("Check-in Information"); |
| 870 | login_anonymous_available(); |
| 871 | } |
| 872 | db_finalize(&q1); |
| 873 | @ </div> |
| 874 | builtin_request_js("accordion.js"); |
| 875 | if( !PB("nowiki") ){ |
| 876 | wiki_render_associated("checkin", zUuid, 0); |
| 877 | } |
| 878 | render_backlink_graph(zUuid, |
| 879 | "<div class=\"section accordion\">References</div>\n"); |
| 880 | @ <div class="section accordion">Context</div><div class="accordion_panel"> |
| 881 | render_checkin_context(rid, 0, 0, 0); |
| 882 | @ </div><div class="section accordion">Changes</div> |
| 883 | @ <div class="accordion_panel"> |
| @@ -1211,12 +1211,12 @@ | |
| 1211 | pTo = vdiff_parse_manifest("to", &ridTo); |
| 1212 | if( pTo==0 ) return; |
| 1213 | pFrom = vdiff_parse_manifest("from", &ridFrom); |
| 1214 | if( pFrom==0 ) return; |
| 1215 | zGlob = P("glob"); |
| 1216 | zFrom = P("from"); |
| 1217 | zTo = P("to"); |
| 1218 | if( bInvert ){ |
| 1219 | Manifest *pTemp = pTo; |
| 1220 | const char *zTemp = zTo; |
| 1221 | pTo = pFrom; |
| 1222 | pFrom = pTemp; |
| @@ -2494,11 +2494,11 @@ | |
| 2494 | zCI = fossil_strdup(db_column_text(&q, 1)); |
| 2495 | zCIUuid = fossil_strdup(zCI); |
| 2496 | url_add_parameter(&url, "ci", zCI); |
| 2497 | } |
| 2498 | db_finalize(&q); |
| 2499 | if( rid==0 ){ |
| 2500 | style_header("No such file"); |
| 2501 | @ File '%h(zName)' does not exist in this repository. |
| 2502 | } |
| 2503 | }else{ |
| 2504 | style_header("No such artifact"); |
| @@ -3685,11 +3685,11 @@ | |
| 3685 | } |
| 3686 | db_finalize(&q); |
| 3687 | } |
| 3688 | |
| 3689 | #if INTERFACE |
| 3690 | /* |
| 3691 | ** Description of a check-in relative to an earlier, tagged check-in. |
| 3692 | */ |
| 3693 | typedef struct CommitDescr { |
| 3694 | char *zRelTagname; /* Tag name on the relative check-in */ |
| 3695 | int nCommitsSince; /* Number of commits since then */ |
| 3696 |
| --- src/info.c | |
| +++ src/info.c | |
| @@ -453,12 +453,12 @@ | |
| 453 | DiffConfig *construct_diff_flags(int diffType, DiffConfig *pCfg){ |
| 454 | u64 diffFlags = 0; /* Zero means do not show any diff */ |
| 455 | if( diffType>0 ){ |
| 456 | int x; |
| 457 | if( diffType==2 ) diffFlags = DIFF_SIDEBYSIDE; |
| 458 | if( P_NoSQL("w") ) diffFlags |= DIFF_IGNORE_ALLWS; |
| 459 | if( PD_NoSQL("noopt",0)!=0 ) diffFlags |= DIFF_NOOPT; |
| 460 | diffFlags |= DIFF_STRIP_EOLCR; |
| 461 | diff_config_init(pCfg, diffFlags); |
| 462 | |
| 463 | /* "dc" query parameter determines lines of context */ |
| 464 | x = atoi(PD("dc","7")); |
| @@ -869,15 +869,15 @@ | |
| 869 | style_header("Check-in Information"); |
| 870 | login_anonymous_available(); |
| 871 | } |
| 872 | db_finalize(&q1); |
| 873 | @ </div> |
| 874 | builtin_request_js("accordion.js"); |
| 875 | if( !PB("nowiki") ){ |
| 876 | wiki_render_associated("checkin", zUuid, 0); |
| 877 | } |
| 878 | render_backlink_graph(zUuid, |
| 879 | "<div class=\"section accordion\">References</div>\n"); |
| 880 | @ <div class="section accordion">Context</div><div class="accordion_panel"> |
| 881 | render_checkin_context(rid, 0, 0, 0); |
| 882 | @ </div><div class="section accordion">Changes</div> |
| 883 | @ <div class="accordion_panel"> |
| @@ -1211,12 +1211,12 @@ | |
| 1211 | pTo = vdiff_parse_manifest("to", &ridTo); |
| 1212 | if( pTo==0 ) return; |
| 1213 | pFrom = vdiff_parse_manifest("from", &ridFrom); |
| 1214 | if( pFrom==0 ) return; |
| 1215 | zGlob = P("glob"); |
| 1216 | zFrom = P_NoSQL("from"); |
| 1217 | zTo = P_NoSQL("to"); |
| 1218 | if( bInvert ){ |
| 1219 | Manifest *pTemp = pTo; |
| 1220 | const char *zTemp = zTo; |
| 1221 | pTo = pFrom; |
| 1222 | pFrom = pTemp; |
| @@ -2494,11 +2494,11 @@ | |
| 2494 | zCI = fossil_strdup(db_column_text(&q, 1)); |
| 2495 | zCIUuid = fossil_strdup(zCI); |
| 2496 | url_add_parameter(&url, "ci", zCI); |
| 2497 | } |
| 2498 | db_finalize(&q); |
| 2499 | if( rid==0 ){ |
| 2500 | style_header("No such file"); |
| 2501 | @ File '%h(zName)' does not exist in this repository. |
| 2502 | } |
| 2503 | }else{ |
| 2504 | style_header("No such artifact"); |
| @@ -3685,11 +3685,11 @@ | |
| 3685 | } |
| 3686 | db_finalize(&q); |
| 3687 | } |
| 3688 | |
| 3689 | #if INTERFACE |
| 3690 | /* |
| 3691 | ** Description of a check-in relative to an earlier, tagged check-in. |
| 3692 | */ |
| 3693 | typedef struct CommitDescr { |
| 3694 | char *zRelTagname; /* Tag name on the relative check-in */ |
| 3695 | int nCommitsSince; /* Number of commits since then */ |
| 3696 |
+18
| --- src/lookslike.c | ||
| +++ src/lookslike.c | ||
| @@ -460,5 +460,23 @@ | ||
| 460 | 460 | (lookFlags&LOOK_INVALID)?"yes":"no"); |
| 461 | 461 | fossil_print("Has flag LOOK_ODD: %s\n",(lookFlags&LOOK_ODD)?"yes":"no"); |
| 462 | 462 | fossil_print("Has flag LOOK_SHORT: %s\n",(lookFlags&LOOK_SHORT)?"yes":"no"); |
| 463 | 463 | blob_reset(&blob); |
| 464 | 464 | } |
| 465 | + | |
| 466 | +/* | |
| 467 | +** Returns true if the given text contains certain keywords or | |
| 468 | +** punctuation which indicate that it might be SQL. This is only a | |
| 469 | +** high-level check, not intended to be used for any application-level | |
| 470 | +** logic other than in defense against spiders in limited contexts. | |
| 471 | +*/ | |
| 472 | +int might_be_sql(const char *zTxt){ | |
| 473 | + if( zTxt==0 || zTxt[0]==0 ) return 0; | |
| 474 | +#define L(GLOB) 0==sqlite3_strlike("%" GLOB "%",zTxt, '%') | |
| 475 | + return L(";") || L("'") | |
| 476 | + || L("select") || L("order") || L("drop") | |
| 477 | + || L(" and ") || L(" or ") | |
| 478 | + /* ^^^^^ noting that \n and \t should also be checked */ | |
| 479 | + || L("null") || L("delete") || L("update") | |
| 480 | + || L("waitfor"); | |
| 481 | +#undef L | |
| 482 | +} | |
| 465 | 483 |
| --- src/lookslike.c | |
| +++ src/lookslike.c | |
| @@ -460,5 +460,23 @@ | |
| 460 | (lookFlags&LOOK_INVALID)?"yes":"no"); |
| 461 | fossil_print("Has flag LOOK_ODD: %s\n",(lookFlags&LOOK_ODD)?"yes":"no"); |
| 462 | fossil_print("Has flag LOOK_SHORT: %s\n",(lookFlags&LOOK_SHORT)?"yes":"no"); |
| 463 | blob_reset(&blob); |
| 464 | } |
| 465 |
| --- src/lookslike.c | |
| +++ src/lookslike.c | |
| @@ -460,5 +460,23 @@ | |
| 460 | (lookFlags&LOOK_INVALID)?"yes":"no"); |
| 461 | fossil_print("Has flag LOOK_ODD: %s\n",(lookFlags&LOOK_ODD)?"yes":"no"); |
| 462 | fossil_print("Has flag LOOK_SHORT: %s\n",(lookFlags&LOOK_SHORT)?"yes":"no"); |
| 463 | blob_reset(&blob); |
| 464 | } |
| 465 | |
| 466 | /* |
| 467 | ** Returns true if the given text contains certain keywords or |
| 468 | ** punctuation which indicate that it might be SQL. This is only a |
| 469 | ** high-level check, not intended to be used for any application-level |
| 470 | ** logic other than in defense against spiders in limited contexts. |
| 471 | */ |
| 472 | int might_be_sql(const char *zTxt){ |
| 473 | if( zTxt==0 || zTxt[0]==0 ) return 0; |
| 474 | #define L(GLOB) 0==sqlite3_strlike("%" GLOB "%",zTxt, '%') |
| 475 | return L(";") || L("'") |
| 476 | || L("select") || L("order") || L("drop") |
| 477 | || L(" and ") || L(" or ") |
| 478 | /* ^^^^^ noting that \n and \t should also be checked */ |
| 479 | || L("null") || L("delete") || L("update") |
| 480 | || L("waitfor"); |
| 481 | #undef L |
| 482 | } |
| 483 |