summaryrefslogtreecommitdiff
path: root/src/modules/extra
diff options
context:
space:
mode:
authorattilamolnar <attilamolnar@hush.com>2013-06-01 20:53:32 +0200
committerattilamolnar <attilamolnar@hush.com>2013-06-01 20:53:32 +0200
commit0e09600a431d0e0f2cde6457e088d84caf6d6f5d (patch)
treebb69bed98b85b3ffd8aa76b6bea8238b01cd4db9 /src/modules/extra
parentc70a6b5699ef905c05bc669fb6cc9c16f33c6787 (diff)
m_mysql Fix escaping strings longer than MAXBUF/2
Quotes from the documentation: "You must allocate the to buffer to be at least length*2+1 bytes long. (In the worst case, each character may need to be encoded as using two bytes, and you need room for the terminating null byte.)" "The return value is the length of the encoded string, not including the terminating null character." http://dev.mysql.com/doc/refman/5.6/en/mysql-real-escape-string.html
Diffstat (limited to 'src/modules/extra')
-rw-r--r--src/modules/extra/m_mysql.cpp18
1 files changed, 12 insertions, 6 deletions
diff --git a/src/modules/extra/m_mysql.cpp b/src/modules/extra/m_mysql.cpp
index 16c4485f3..b2bb44408 100644
--- a/src/modules/extra/m_mysql.cpp
+++ b/src/modules/extra/m_mysql.cpp
@@ -333,10 +333,15 @@ class SQLConnection : public SQLProvider
if (param < p.size())
{
std::string parm = p[param++];
- char buffer[MAXBUF];
- mysql_escape_string(buffer, parm.c_str(), parm.length());
+ // In the worst case, each character may need to be encoded as using two bytes,
+ // and one byte is the terminating null
+ std::vector<char> buffer(parm.length() * 2 + 1);
+
+ // The return value of mysql_escape_string() is the length of the encoded string,
+ // not including the terminating null
+ unsigned long escapedsize = mysql_escape_string(&buffer[0], parm.c_str(), parm.length());
// mysql_real_escape_string(connection, queryend, paramscopy[paramnum].c_str(), paramscopy[paramnum].length());
- res.append(buffer);
+ res.append(&buffer[0], escapedsize);
}
}
}
@@ -362,9 +367,10 @@ class SQLConnection : public SQLProvider
if (it != p.end())
{
std::string parm = it->second;
- char buffer[MAXBUF];
- mysql_escape_string(buffer, parm.c_str(), parm.length());
- res.append(buffer);
+ // NOTE: See above
+ std::vector<char> buffer(parm.length() * 2 + 1);
+ unsigned long escapedsize = mysql_escape_string(&buffer[0], parm.c_str(), parm.length());
+ res.append(&buffer[0], escapedsize);
}
}
}