]> git.evergreen-ils.org Git - Evergreen.git/commit
projects / Evergreen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9b7d7b9) | patch
1. In searchFieldTransform(): make sure that the function name and subcolumn,
authorscottmk <scottmk@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Tue, 14 Apr 2009 14:22:17 +0000 (14:22 +0000)
committerscottmk <scottmk@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Tue, 14 Apr 2009 14:22:17 +0000 (14:22 +0000)
commit784feed98b172459cc1b4eaf9eb00f12c57bcfe6
tree7c8aca60f1da022a7f9354bee006665d3b464bebtree
parent9b7d7b9c4d9ab106c77cfe5073dd4beec41893a2commit | diff
1. In searchFieldTransform(): make sure that the function name and subcolumn,
when present, look like identifiers; i.e. protect against SQL injection.

2. Check for a NULL return value whenever calling searchFieldTransform().

git-svn-id: svn://svn.open-ils.org/ILS/trunk@12864 dcc99617-32d9-48b4-a31d-7c20da2025e4
Open-ILS/src/c-apps/oils_cstore.c diff | blob | history
Evergreen ILS