Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita5f175d

Browse files
committed
libinjection sync
1 parentfcb6dc1 commita5f175d

File tree

2 files changed

+44
-18
lines changed

2 files changed

+44
-18
lines changed

‎apache2/libinjection/libinjection.h‎

Lines changed: 14 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -14,13 +14,6 @@
1414
extern"C" {
1515
#endif
1616

17-
/*
18-
* Version info.
19-
* See python's normalized version
20-
* http://www.python.org/dev/peps/pep-0386/#normalizedversion
21-
*/
22-
#defineLIBINJECTION_VERSION "3.7.1"
23-
2417
/**
2518
* Libinjection's sqli module makes a "normalized"
2619
* value of the token. This is the maximum size
@@ -202,6 +195,20 @@ struct libinjection_sqli_token* libinjection_sqli_get_token(
202195

203196
typedefstructlibinjection_sqli_statesfilter;
204197

198+
199+
/*
200+
* Version info.
201+
*
202+
* This is moved into a function to allow SWIG and other auto-generated
203+
* binding to not be modified during minor release changes. We change
204+
* change the version number in the c source file, and not regenerated
205+
* the binding
206+
*
207+
* See python's normalized version
208+
* http://www.python.org/dev/peps/pep-0386/#normalizedversion
209+
*/
210+
constchar*libinjection_version();
211+
205212
/**
206213
*
207214
*/

‎apache2/libinjection/libinjection_sqli.c‎

Lines changed: 30 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@
1414
#include<assert.h>
1515
#include<stddef.h>
1616

17+
#defineLIBINJECTION_VERSION "3.8.0"
18+
1719
#ifndefTRUE
1820
#defineTRUE 1
1921
#endif
@@ -887,7 +889,7 @@ static size_t parse_word(struct libinjection_sqli_state * sf)
887889
constchar*cs=sf->s;
888890
size_tpos=sf->pos;
889891
size_twlen=strlencspn(cs+pos,sf->slen-pos,
890-
" []{}<>:\\?=@!#~+-*/&|^%(),';\t\n\v\f\r\"\000");
892+
" []{}<>:\\?=@!#~+-*/&|^%(),';\t\n\v\f\r\"\240\000");
891893

892894
st_assign(sf->current,TYPE_BAREWORD,pos,wlen,cs+pos);
893895

@@ -1187,6 +1189,16 @@ static size_t parse_number(struct libinjection_sqli_state * sf)
11871189
returnpos;
11881190
}
11891191

1192+
/*
1193+
* API to return version. This allows us to increment the version
1194+
* without having to regenerated the SWIG (or other binding) in minor
1195+
* releases.
1196+
*/
1197+
constchar*libinjection_version()
1198+
{
1199+
returnLIBINJECTION_VERSION;
1200+
}
1201+
11901202
intlibinjection_sqli_tokenize(structlibinjection_sqli_state*sf)
11911203
{
11921204
pt2Functionfnptr;
@@ -1218,24 +1230,31 @@ int libinjection_sqli_tokenize(struct libinjection_sqli_state * sf)
12181230
/*
12191231
* get current character
12201232
*/
1221-
constunsignedch= (unsignedint) (s[*pos]);
1233+
constunsignedcharch= (unsignedint) (s[*pos]);
12221234

12231235
/*
12241236
* if not ascii, then continue...
12251237
* actually probably need to just assuming
12261238
* it's a string
12271239
*/
12281240
if (ch>127) {
1229-
fnptr=parse_word;
1230-
}else {
12311241

1232-
/*
1233-
* look up the parser, and call it
1234-
*
1235-
* Porting Note: this is mapping of char to function
1236-
* charparsers[ch]()
1237-
*/
1238-
fnptr=char_parse_map[ch];
1242+
/* 160 or 0xA0 or octal 240 is "latin1 non-breaking space"
1243+
* but is treated as a space in mysql.
1244+
*/
1245+
if (ch==160) {
1246+
fnptr=parse_white;
1247+
}else {
1248+
fnptr=parse_word;
1249+
}
1250+
}else {
1251+
/*
1252+
* look up the parser, and call it
1253+
*
1254+
* Porting Note: this is mapping of char to function
1255+
* charparsers[ch]()
1256+
*/
1257+
fnptr=char_parse_map[ch];
12391258
}
12401259
*pos= (*fnptr) (sf);
12411260

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp