Fossil SCM
Fix two potential SQL injection attacks.
Commit
71384ce6688c9dbea3083527fcebb442f238f1fd
Parent
1a1aa98a4091d65…
1 file changed
+2
-2
+2
-2
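--- a/src/http_ssl.c
+++ b/src/http_ssl.c
@@ -523,11 +523,11 @@
 
 db_open_config(0);
 db_swap_connections();
 if( db_exists(
 "SELECT 1 FROM certs"
-" WHERE name='%s'",
+" WHERE name='%q'",
 zContainer)!=0 ){
 fossil_fatal("certificate group \"%s\" already exists", zContainer);
 }
 db_begin_transaction();
 if( zCKey ){
@@ -601,11 +601,11 @@
 
 db_open_config(0);
 db_swap_connections();
 db_begin_transaction();
 
-db_multi_exec("DELETE FROM global_config WHERE name='certgroup:%s'",
+db_multi_exec("DELETE FROM global_config WHERE name='certgroup:%q'",
 zURL);
 if( db_changes() == 0 ){
 fossil_warning("No certificate group associated with URL \"%s\".",
 zURL);
 }else{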
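Review bot: The `%q` conversion in both hunks only doubles embedded single quotes, so the `certs` lookup and the `global_config` delete are safe only while the value stays inside the `'...'` literal, and nothing at either call site records that. A short comment above each format string would protect the invariant, for example `/* %q escapes ' in zContainer; it must remain inside the quoted literal */`, with the same wording for `zURL` in the second hunk. Only these two call sites are visible, so any other `'%s'` SQL format strings in src/http_ssl.c cannot be ruled out from here and are worth a search before the fix is considered complete. Separately, in the first hunk `db_exists(` still runs before `db_begin_transaction();`, so the existence check and any later insert (presumably further down, outside the hunk) are not covered by one transaction. Both enclosing functions start and end outside the hunks.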
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -523,11 +523,11 @@ | |
| 523 | |
| 524 | db_open_config(0); |
| 525 | db_swap_connections(); |
| 526 | if( db_exists( |
| 527 | "SELECT 1 FROM certs" |
| 528 | " WHERE name='%s'", |
| 529 | zContainer)!=0 ){ |
| 530 | fossil_fatal("certificate group \"%s\" already exists", zContainer); |
| 531 | } |
| 532 | db_begin_transaction(); |
| 533 | if( zCKey ){ |
| @@ -601,11 +601,11 @@ | |
| 601 | |
| 602 | db_open_config(0); |
| 603 | db_swap_connections(); |
| 604 | db_begin_transaction(); |
| 605 | |
| 606 | db_multi_exec("DELETE FROM global_config WHERE name='certgroup:%s'", |
| 607 | zURL); |
| 608 | if( db_changes() == 0 ){ |
| 609 | fossil_warning("No certificate group associated with URL \"%s\".", |
| 610 | zURL); |
| 611 | }else{ |
| 612 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -523,11 +523,11 @@ | |
| 523 | |
| 524 | db_open_config(0); |
| 525 | db_swap_connections(); |
| 526 | if( db_exists( |
| 527 | "SELECT 1 FROM certs" |
| 528 | " WHERE name='%q'", |
| 529 | zContainer)!=0 ){ |
| 530 | fossil_fatal("certificate group \"%s\" already exists", zContainer); |
| 531 | } |
| 532 | db_begin_transaction(); |
| 533 | if( zCKey ){ |
| @@ -601,11 +601,11 @@ | |
| 601 | |
| 602 | db_open_config(0); |
| 603 | db_swap_connections(); |
| 604 | db_begin_transaction(); |
| 605 | |
| 606 | db_multi_exec("DELETE FROM global_config WHERE name='certgroup:%q'", |
| 607 | zURL); |
| 608 | if( db_changes() == 0 ){ |
| 609 | fossil_warning("No certificate group associated with URL \"%s\".", |
| 610 | zURL); |
| 611 | }else{ |
| 612 |