Fixing not escaped single quote in vuln detector SQL query#5570
Merged
chemamartinez merged 4 commits into develop, Jul 31, 2020
Conversation
…es in SQL queries
DProvinciani commented Jul 28, 2020
| snprintf(buffer, OS_SIZE_6144, vu_queries[VU_SYSC_UPDATE_CPE], | ||
| // If the vendor or package string contains single quotation characters | ||
| // sqlite3_snprintf will escape them with double single quotes to avoid breaking the SQL query | ||
| sqlite3_snprintf(OS_SIZE_6144, buffer, vu_queries[VU_SYSC_UPDATE_CPE], |
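Review bot: the escaping this change relies on only takes effect if the format string vu_queries[VU_SYSC_UPDATE_CPE] uses %q for the vendor and package fields, and that string is not in this hunk; sqlite3_snprintf with %s behaves like snprintf and escapes nothing, so please confirm the corresponding %s conversions were changed to %q (and that they still sit inside single quotes in the query). Two smaller points on this hunk: the new comment says "double single quotes" where "two single quotes" is clearer, and sqlite3_snprintf returns the buffer rather than the byte count, so any caller that used the snprintf return value to detect truncation into the OS_SIZE_6144 buffer needs adjusting. Longer term, binding the values with a prepared statement (sqlite3_prepare_v2 / sqlite3_bind_text) removes the need to escape at all and also covers the CPE, version and arch strings that the description leaves unescaped.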
The usage of this API resolves the issue of single quotes in the query.
https://www.sqlite.org/c3ref/mprintf.html
https://www.sqlite.org/printf.html#percentq
Description
This PR adds a mechanism to escape a ' (single quote character) from the string fields used in a vulnerability-detector SQL query. The escape sequence is '' (two single quotes) as specified by the SQL language.
For performance reasons, we decided to only apply this logic to the vendor and package strings. It wouldn't be expected to have that kind of character in the CPE, version, or arch strings.
Tests
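To show what the escaping does to the vulnerability-detector UPDATE query, here is an added C example that is not part of this PR or of the project's code. It reimplements the quote-doubling that sqlite3's %q performs (so it compiles without linking SQLite), uses a constructed stand-in for the vu_queries[VU_SYSC_UPDATE_CPE] template, and feeds it a constructed vendor name containing a quote; the balance check at the end is a simple way to spot a statement whose literal was broken.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for vu_queries[VU_SYSC_UPDATE_CPE]; fields land in quoted literals. */
static const char *UPDATE_CPE_FMT =
    "UPDATE SYS_PROGRAMS SET CPE = '%s' WHERE VENDOR = '%s' AND NAME = '%s';";
/* Double every single quote (the SQL escape that sqlite3's %q applies).
 * Returns a malloc'd string the caller frees, or NULL on allocation failure. */
char *sql_escape_single_quotes(const char *in) {
    size_t n = strlen(in), quotes = 0;
    for (size_t i = 0; i < n; i++)
        if (in[i] == '\'') quotes++;
    char *out = malloc(n + quotes + 1), *p = out;
    if (!out) return NULL;
    for (size_t i = 0; i < n; i++) {
        *p++ = in[i];
        if (in[i] == '\'') *p++ = '\'';   /* ' becomes '' */
    }
    *p = '\0';
    return out;
}

/* escape_fields == 0 mirrors the old snprintf path; 1 mirrors the PR, which
 * escapes vendor and package only and leaves the CPE string untouched. */
int build_update_cpe(char *buf, size_t len, const char *cpe,
                     const char *vendor, const char *package, int escape_fields) {
    if (!escape_fields)
        return snprintf(buf, len, UPDATE_CPE_FMT, cpe, vendor, package);
    char *v = sql_escape_single_quotes(vendor), *p = sql_escape_single_quotes(package);
    int r = (v && p) ? snprintf(buf, len, UPDATE_CPE_FMT, cpe, v, p) : -1;
    free(v); free(p);
    return r;
}

/* A statement with every literal closed and every embedded quote doubled
 * contains an even number of single quotes; an odd count means a broken literal. */
int query_quotes_balanced(const char *sql) {
    size_t q = 0;
    for (; *sql; sql++) if (*sql == '\'') q++;
    return q % 2 == 0;
}

int main(void) {
    char buf[512];   /* constructed sample input: a vendor name containing a quote */
    for (int esc = 0; esc <= 1; esc++) {
        build_update_cpe(buf, sizeof buf, "cpe:/a:oreilly:book:1.0", "O'Reilly", "book", esc);
        printf("%s: %s [balanced=%d]\n", esc ? "escaped" : "unescaped", buf, query_quotes_balanced(buf));
    }
    return 0;
}
```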