Close a SQL injection loophole in the new database driver

2009-12-26 23:38:11 +00:00 · 2009-12-26 23:38:11 +00:00 · 0369256720
parent 88b3b98811
commit 0369256720
1 changed files with 3 additions and 2 deletions
--- a/OpenSim/Data/MySQL/MySQLGenericTableHandler.cs
+++ b/OpenSim/Data/MySQL/MySQLGenericTableHandler.cs
@ -216,11 +216,12 @@ namespace OpenSim.Data.MySQL
                foreach (KeyValuePair<string, string> kvp in data)
                {
                    names.Add(kvp.Key);
-                    values.Add(kvp.Value);
+                    values.Add("?" + kvp.Key);
+                    cmd.Parameters.AddWithValue("?" + kvp.Key, kvp.Value);
                }
            }

-            query = String.Format("replace into {0} (`", m_Realm) + String.Join("`,`", names.ToArray()) + "`) values ('" + String.Join("','", values.ToArray()) + "')";
+            query = String.Format("replace into {0} (`", m_Realm) + String.Join("`,`", names.ToArray()) + "`) values (" + String.Join(",", values.ToArray()) + ")";

            cmd.CommandText = query;