From a6569855187d7888fdfc52a4ca7d3344df09b57c Mon Sep 17 00:00:00 2001 From: kervala Date: Tue, 18 Oct 2016 17:44:47 +0200 Subject: [PATCH] Fixed: Possible SQL injection, fixes #297 --HG-- branch : develop --- code/ryzom/server/src/monitor_service/service_main.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/code/ryzom/server/src/monitor_service/service_main.cpp b/code/ryzom/server/src/monitor_service/service_main.cpp index bf092bbae..b74830665 100644 --- a/code/ryzom/server/src/monitor_service/service_main.cpp +++ b/code/ryzom/server/src/monitor_service/service_main.cpp @@ -379,8 +379,12 @@ void clientAuthentication(CMessage &msgin, TSockId from, CCallbackNetBase &netba { if (!Clients[i]->BadLogin) // don't allow new login attempt while thisflag is set { + // escape login + char esccapedLogin[100]; + size_t len = mysql_real_escape_string(DatabaseConnection, esccapedLogin, login.c_str(), login.length()); + // make a db request to to db to see if password is valid - std::string queryStr = toString("SELECT Password FROM user where Login='%s'", login.c_str()); + std::string queryStr = toString("SELECT Password FROM user where Login='%s'", esccapedLogin); int result = mysql_query(DatabaseConnection, queryStr.c_str()); if (result == 0) {