-rw-r--r-- | Changes | 1 | ||||
-rw-r--r-- | include/extern.h | 1 | ||||
-rw-r--r-- | src/hostserv.c | 6 | ||||
-rw-r--r-- | src/nickserv.c | 14 | ||||
-rw-r--r-- | src/rdb.c | 83 | ||||
-rw-r--r-- | version.log | 6 |
6 files changed, 84 insertions, 27 deletions
@@ -2,6 +2,7 @@ Anope Version S V N -------------------- 10/15 F MySQL detection now checks for valid values from mysql_config. [ #00] 10/15 F Correctly compiling mod_version with module options now. [ #00] +10/16 F MySQL functions did not always escape all values correctly. [#612] Anope Version 1.7.16 -------------------- diff --git a/include/extern.h b/include/extern.h index 3f5da4853..efe5fb85c 100644 --- a/include/extern.h +++ b/include/extern.h @@ -490,6 +490,7 @@ E int NumUlines; E int rdb_init(); E int rdb_open(); E int rdb_close(); +E char *rdb_quote(char *str); E int rdb_tag_table(char *table); E int rdb_clear_table(char *table); E int rdb_scrub_table(char *table, char *clause); diff --git a/src/hostserv.c b/src/hostserv.c index d089f5e73..d8c8af96b 100644 --- a/src/hostserv.c +++ b/src/hostserv.c @@ -318,6 +318,7 @@ void delHostCore(char *nick) { #ifdef USE_RDB static char clause[128]; + char *q_nick; #endif HostCore *tmp; boolean found = false; @@ -328,10 +329,11 @@ void delHostCore(char *nick) #ifdef USE_RDB /* Reflect this change in the database right away. */ if (rdb_open()) { - - snprintf(clause, sizeof(clause), "nick='%s'", nick); + q_nick = rdb_quote(nick); + snprintf(clause, sizeof(clause), "nick='%s'", q_nick); rdb_scrub_table("anope_hs_core", clause); rdb_close(); + free(q_nick); } #endif diff --git a/src/nickserv.c b/src/nickserv.c index 1c46a76c6..cb51c47b8 100644 --- a/src/nickserv.c +++ b/src/nickserv.c @@ -1406,6 +1406,7 @@ static int delcore(NickCore * nc) int i; #ifdef USE_RDB static char clause[128]; + char *q_display; #endif /* (Hopefully complete) cleanup */ cs_remove_nick(nc); 
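Review bot: The new `rdb_quote` declaration in include/extern.h does not say who owns the returned string, although every caller in this commit passes the result to `free()`. A comment on the declaration would make that contract explicit, for example `/* Returns a newly allocated, escaped copy of str; the caller must free() it. */`. If `db_mysql_quote` (not visible here) does not modify its input, `const char *str` would also be the more accurate parameter type.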
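Review bot: In delHostCore the `snprintf` into `clause` is still unchecked, and the escaped copy in `q_nick` can be longer than the original nick while `clause` stays at 128 bytes. If the formatted text does not fit, it is cut before the closing quote and a malformed clause is handed to `rdb_scrub_table`; whether that is reachable depends on the nick length limit, which is not visible here. Checking the result closes the gap, e.g. `if (q_nick && snprintf(clause, sizeof(clause), "nick='%s'", q_nick) < (int) sizeof(clause)) rdb_scrub_table("anope_hs_core", clause);`, which also covers a NULL return from `rdb_quote`. The same pattern appears in `delcore` and `delnick` in src/nickserv.c and with `buf` in the rdb.c hunks. delHostCore's body continues outside the hunk.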
@@ -1425,17 +1426,18 @@ static int delcore(NickCore * nc) #ifdef USE_RDB /* Reflect this change in the database right away. */ if (rdb_open()) { - - snprintf(clause, sizeof(clause), "display='%s'", nc->display); + q_display = rdb_quote(nc->display); + snprintf(clause, sizeof(clause), "display='%s'", q_display); rdb_scrub_table("anope_ns_access", clause); rdb_scrub_table("anope_ns_core", clause); rdb_scrub_table("anope_cs_access", clause); /* I'm unsure how to clean up the OS ADMIN/OPER list on the db */ /* I wish the "display" primary key would be the same on all tables */ snprintf(clause, sizeof(clause), "receiver='%s' AND serv='NICK'", - nc->display); + q_display); rdb_scrub_table("anope_ms_info", clause); rdb_close(); + free(q_display); } #endif @@ -1509,6 +1511,7 @@ int delnick(NickAlias * na) { #ifdef USE_RDB static char clause[128]; + char *q_nick; #endif /* First thing to do: remove any timeout belonging to the nick we're deleting */ clean_ns_timeouts(na); @@ -1552,10 +1555,11 @@ int delnick(NickAlias * na) #ifdef USE_RDB /* Reflect this change in the database right away. */ if (rdb_open()) { - - snprintf(clause, sizeof(clause), "nick='%s'", na->nick); + q_nick = rdb_quote(na->nick); + snprintf(clause, sizeof(clause), "nick='%s'", q_nick); rdb_scrub_table("anope_ns_alias", clause); rdb_close(); + free(q_nick); } #endif @@ -48,6 +48,15 @@ int rdb_close() /*************************************************************************/ +char *rdb_quote(char *str) +{ +#ifdef USE_MYSQL + return db_mysql_quote(str); +#endif +} + +/*************************************************************************/ + int rdb_tag_table(char *table) { static char buf[1024]; 
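Review bot: The added `rdb_quote` has no return statement when `USE_MYSQL` is not defined, so control falls off the end of a non-void function and the caller receives an indeterminate pointer. `rdb_ns_set_display`, `rdb_cs_deluser`, `rdb_cs_delchan` and `rdb_cs_set_founder` call it and `free()` the result outside their `#ifdef USE_MYSQL` blocks, so a build without MySQL, which the guards suggest is possible, would free garbage. Adding `#else` and `return NULL;` before the `#endif` makes that path well defined, because `free(NULL)` is a no-op.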
@@ -114,48 +123,56 @@ int rdb_direct_query(char *query) int rdb_ns_set_display(char *newnick, char *oldnick) { static char buf[1024]; + char *q_newnick; + char *q_oldnick; + + q_newnick = rdb_quote(newnick); + q_oldnick = rdb_quote(oldnick); #ifdef USE_MYSQL /* Change the display on NS_CORE */ snprintf(buf, sizeof(buf), "UPDATE anope_ns_core SET display='%s' WHERE display='%s'", - newnick, oldnick); + q_newnick, q_oldnick); db_mysql_query(buf); /* Change the display on NS_ALIAS for all grouped nicks */ snprintf(buf, sizeof(buf), "UPDATE anope_ns_alias SET display='%s' WHERE display='%s'", - newnick, oldnick); + q_newnick, q_oldnick); db_mysql_query(buf); /* Change the display on ChanServ ACCESS list */ snprintf(buf, sizeof(buf), "UPDATE anope_cs_access SET display='%s' WHERE display='%s'", - newnick, oldnick); + q_newnick, q_oldnick); db_mysql_query(buf); /* Change the display on ChanServ AKICK list */ snprintf(buf, sizeof(buf), "UPDATE anope_cs_akicks SET creator='%s' WHERE creator='%s'", - newnick, oldnick); + q_newnick, q_oldnick); db_mysql_query(buf); /* Change the display on MemoServ sent memos */ snprintf(buf, sizeof(buf), "UPDATE anope_ms_info SET sender='%s' WHERE sender='%s'", - newnick, oldnick); + q_newnick, q_oldnick); db_mysql_query(buf); /* Change the display on MemoServ received memos */ snprintf(buf, sizeof(buf), "UPDATE anope_ms_info SET receiver='%s' WHERE receiver='%s'", - newnick, oldnick); + q_newnick, q_oldnick); db_mysql_query(buf); /* Need to do bwords and akills */ #endif + free(q_newnick); + free(q_oldnick); + return 0; } 
@@ -164,21 +181,28 @@ int rdb_ns_set_display(char *newnick, char *oldnick) int rdb_cs_deluser(char *nick) { static char buf[1024]; + char *q_nick; + + q_nick = rdb_quote(nick); #ifdef USE_MYSQL snprintf(buf, sizeof(buf), "UPDATE anope_cs_info SET successor=NULL WHERE successor='%s'", - nick); + q_nick); db_mysql_query(buf); - snprintf(buf, sizeof(buf), "display='%s'", nick); + snprintf(buf, sizeof(buf), "display='%s'", q_nick); rdb_scrub_table("anope_cs_access", buf); - snprintf(buf, sizeof(buf), "creator='%s'", nick); + snprintf(buf, sizeof(buf), "creator='%s'", q_nick); rdb_scrub_table("anope_cs_akicks", buf); + free(q_nick); + return 1; #endif + free(q_nick); + return 0; } @@ -187,19 +211,23 @@ int rdb_cs_deluser(char *nick) int rdb_cs_delchan(ChannelInfo * ci) { static char buf[1024]; - char *channel = ci->name; + char *q_channel; + char *q_founder; + + q_channel = rdb_quote(ci->name); + q_founder = rdb_quote(ci->founder->display); #ifdef USE_MYSQL snprintf(buf, sizeof(buf), "UPDATE anope_cs_info SET successor=NULL WHERE name='%s'", - channel); + q_channel); db_mysql_query(buf); - snprintf(buf, sizeof(buf), "name='%s'", channel); + snprintf(buf, sizeof(buf), "name='%s'", q_channel); rdb_scrub_table("anope_cs_info", buf); - snprintf(buf, sizeof(buf), "receiver='%s' AND serv='CHAN'", channel); + snprintf(buf, sizeof(buf), "receiver='%s' AND serv='CHAN'", q_channel); rdb_scrub_table("anope_ms_info", buf); - snprintf(buf, sizeof(buf), "channel='%s'", channel); + snprintf(buf, sizeof(buf), "channel='%s'", q_channel); rdb_scrub_table("anope_cs_access", buf); rdb_scrub_table("anope_cs_akicks", buf); rdb_scrub_table("anope_cs_levels", buf); 
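Review bot: In rdb_cs_deluser `free(q_nick)` is written twice, once before `return 1;` inside the `#ifdef USE_MYSQL` block and once before `return 0;` after it, and the second copy is unreachable in a MySQL build. A single exit keeps the cleanup in one place: declare `int ret = 0;` at the top, set `ret = 1;` inside the block, and end with `free(q_nick); return ret;`. `rdb_cs_delchan` and `rdb_cs_set_founder` repeat the same shape with two frees on each path.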
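Review bot: In rdb_cs_delchan, `q_founder = rdb_quote(ci->founder->display);` dereferences `ci->founder` unconditionally, but the next hunk of the same function still guards its use with `if (ci->founder)`, which implies the pointer can be NULL. Before this change the dereference only happened inside that guard, so the commit appears to introduce a NULL dereference for a channel without a founder. Making the quote conditional keeps the old behaviour: `q_founder = ci->founder ? rdb_quote(ci->founder->display) : NULL;`, and the later `free(q_founder)` calls are safe on NULL. The function's body continues in the following hunk.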
@@ -207,13 +235,19 @@ int rdb_cs_delchan(ChannelInfo * ci) if (ci->founder) { snprintf(buf, sizeof(buf), "update anope_ns_core set channelcount=channelcount-1 where display='%s'", - ci->founder->display); + q_founder); db_mysql_query(buf); } + free(q_channel); + free(q_founder); + return 1; #endif + free(q_channel); + free(q_founder); + return 0; } @@ -222,26 +256,37 @@ int rdb_cs_delchan(ChannelInfo * ci) int rdb_cs_set_founder(char *channel, char *founder) { static char buf[1024]; + char *q_channel; + char *q_founder; + + q_channel = rdb_quote(channel); + q_founder = rdb_quote(founder); #ifdef USE_MYSQL snprintf(buf, sizeof(buf), "UPDATE anope_cs_info SET founder='%s', successor=NULL WHERE name='%s'", - founder, channel); + q_founder, q_channel); db_mysql_query(buf); snprintf(buf, sizeof(buf), "UPDATE anope_ns_core SET channelcount=channelcount+1 WHERE display='%s'", - founder); + q_founder); db_mysql_query(buf); /* Do i need to scrub the access list for this channel ? */ - snprintf(buf, sizeof(buf), "display='%s' AND channel='%s'", founder, - channel); + snprintf(buf, sizeof(buf), "display='%s' AND channel='%s'", q_founder, + q_channel); rdb_scrub_table("anope_cs_access", buf); + free(q_channel); + free(q_founder); + return 1; #endif + free(q_channel); + free(q_founder); + return 0; } diff --git a/version.log b/version.log index 63ccb8a73..e4b513d44 100644 --- a/version.log +++ b/version.log @@ -9,10 +9,14 @@ VERSION_MAJOR="1" VERSION_MINOR="7" VERSION_PATCH="16" VERSION_EXTRA="-svn" -VERSION_BUILD="1174" +VERSION_BUILD="1175" # $Log$ # +# BUILD : 1.7.16 (1175) +# BUGS : 612 +# NOTES : Fixed a number of MySQL/RDB-related functions which did not correctly escape their arguments +# # BUILD : 1.7.16 (1174) # BUGS : # NOTES : Fixed src/mod_version.c to be compiled with module options and added an additional check to see if the values returned by mysql_config are valid |