summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Powell <petpow@saberuk.com>2018-07-15 14:11:04 +0100
committerPeter Powell <petpow@saberuk.com>2018-07-15 14:15:35 +0100
commitd0dac3a2751e5b5edadf3befa8259f9902b9450b (patch)
tree8608990a677c14e2bd3f9d7847ad37c7e4c0acd5
parent227484c6c068eee8251cc4f13a0676bd8b2ecc8d (diff)
Use mysql_real_escape_string instead of mysql_escape string.
This is not exploitable as far as I know but it is probably best that we use the newer function just in case. Closes #649 (although the attack mentioned in that issue was not feasible).
-rw-r--r--src/modules/extra/m_mysql.cpp5
1 files changed, 2 insertions, 3 deletions
diff --git a/src/modules/extra/m_mysql.cpp b/src/modules/extra/m_mysql.cpp
index 0a7d4d993..9f17c1426 100644
--- a/src/modules/extra/m_mysql.cpp
+++ b/src/modules/extra/m_mysql.cpp
@@ -356,10 +356,9 @@ class SQLConnection : public SQL::Provider
// and one byte is the terminating null
std::vector<char> buffer(parm.length() * 2 + 1);
- // The return value of mysql_escape_string() is the length of the encoded string,
+ // The return value of mysql_real_escape_string() is the length of the encoded string,
// not including the terminating null
- unsigned long escapedsize = mysql_escape_string(&buffer[0], parm.c_str(), parm.length());
-// mysql_real_escape_string(connection, queryend, paramscopy[paramnum].c_str(), paramscopy[paramnum].length());
+ unsigned long escapedsize = mysql_real_escape_string(connection, &buffer[0], parm.c_str(), parm.length());
res.append(&buffer[0], escapedsize);
}
}