[EGD-6947] Fix SQL vulnerabilities

These were potential security holes allowing SQL injections.
Wiktor S. Ovalle Correa
2021-06-17 10:18:28 +02:00
committed by Wiktor S. Ovalle Correa
parent 30ae0e08ca
commit fca0452802
2 changed files with 4 additions and 4 deletions


@@ -125,7 +125,7 @@ std::pair<std::vector<NotesTableRow>, int> NotesTable::getByText(const std::stri
{
unsigned int count = 0;
auto queryRet = db->query("SELECT COUNT(*), INSTR(snippet,'%s') pos FROM notes WHERE pos > 0;", text.c_str());
auto queryRet = db->query("SELECT COUNT(*), INSTR(snippet,'%q') pos FROM notes WHERE pos > 0;", text.c_str());
if (queryRet && queryRet->getRowCount() != 0) {
count = (*queryRet)[0].getUInt32();
}
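Review bot: The `'%q'` on the new `db->query` line is only safe if `db->query` formats its arguments with SQLite's own printf family (for example `sqlite3_vmprintf`), which this hunk does not show. `%q` doubles embedded single quotes but adds no surrounding quotes, so the fix also depends on the specifier staying inside `'...'`. I would record that next to the call, e.g. `// %q escapes ' for SQLite; keep it inside '...' and only use it with the SQLite printf formatter`. Passing `text.c_str()` also cuts the search text at the first embedded NUL, so if the wrapper exposes prepared statements, binding `text` as a parameter would avoid both the escaping and the truncation. The body of `NotesTable::getByText` continues outside this hunk, so any other query built from `text` there is not covered by this note.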