[Koha-bugs] [Bug 8171] Improper escaping of quotes during z39.50 queries leads to potential malicious code execution
bugzilla-daemon at bugs.koha-community.org
Fri Jun 1 01:15:28 CEST 2012
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8171
Chris Cormack <chris at bigballofwax.co.nz> changed:
What | Removed | Added
-----|---------|----------------------------
CC   |         | chris at bigballofwax.co.nz
--- Comment #1 from Chris Cormack <chris at bigballofwax.co.nz> ---
Hi William
On line 228 term is the name of the column. It is not the variable.
The variable is in
$sth->execute($query, $type, $serverlist, $requestid);
The query is escaped by use of placeholders ie the (?,?,?,?)
Which means $query is escaped and replaces the first ? in that list.
So that part is not the problem, I suspect the actual problem is that the ""
are not escaped when doing the actual search.
I'll leave this open because it is a valid bug, but I don't think your solution
will work (or addresses the problem :))
If you want to read up about placeholders please look here
http://search.cpan.org/dist/DBI/DBI.pm#Placeholders_and_Bind_Values
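To illustrate the placeholder point made in the comment above, here is an added example (not Koha's code): a four-placeholder INSERT of the same shape as the one on line 228, run against an in-memory SQLite table. Only the column name term comes from the bug report; the table layout, the other column names and the sample search term are assumed for illustration.

```perl
use strict;
use warnings;
use DBI;

# Added example, not Koha code: an in-memory SQLite table standing in for
# Koha's z3950queue. Only the column name "term" is taken from the bug
# report; the other columns are assumed for illustration.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '', { RaiseError => 1 });
$dbh->do(q{CREATE TABLE z3950queue (
    id INTEGER PRIMARY KEY, term TEXT, type TEXT, servers TEXT, requestid TEXT)});

# Same shape as the statement discussed above: four placeholders, four bound
# values. DBI hands the values to the driver separately from the SQL text,
# so quotes inside $query are stored as data and never parsed as SQL.
sub queue_search {
    my ($query, $type, $serverlist, $requestid) = @_;
    my $sth = $dbh->prepare(
        q{INSERT INTO z3950queue (term, type, servers, requestid) VALUES (?,?,?,?)});
    $sth->execute($query, $type, $serverlist, $requestid);
    return $dbh->last_insert_id(undef, undef, 'z3950queue', 'id');
}

# Read the stored term back so it can be compared with what was submitted.
sub stored_term {
    my ($id) = @_;
    my ($term) = $dbh->selectrow_array(
        q{SELECT term FROM z3950queue WHERE id = ?}, undef, $id);
    return $term;
}

# Constructed input: a search term containing both kinds of quote characters.
my $query = q{ti="The "Quoted" Title" and au='O'Brien'};
my $id    = queue_search($query, 'title', '1,2', 'req-1');

print "stored term is byte-for-byte what was submitted\n"
    if stored_term($id) eq $query;

# For comparison: quote() is what DBI offers when a value really must be
# inlined into SQL text. With placeholders it is not needed at all.
print 'quote() would produce: ', $dbh->quote($query), "\n";
```

Placeholders protect only the database statement; they say nothing about how the stored term is later quoted when the Z39.50 search itself is built, which is the part the comment suspects is the real problem.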