Ticket #2 (assigned defect)

Opened 1 year ago

Last modified 1 year ago

[SECURITY] use taint/untaint before execution of custom sql

Reported by: gaspard
Assigned to: gaspard (accepted)
Priority: critical
Milestone: 1.0
Component: zena
Keywords:
Cc:
Estimated Number of Hours: 3
Billable?: 0
Total Hours:

Description

Better protection against SQL injection using connection.quote().

Change History

2007-08-13 12:51:31 changed by gaspard

  • milestone set to 0.8.

2007-08-29 18:11:35 changed by gaspard

  • hours changed.
  • estimatedhours set to 3.
  • status changed from new to assigned.
  • billable changed.

All input data that is used in custom SQL is already escaped using a simple regex or to_i.

We should use the taint mechanism and raise if tainted strings arrive at connection.execute.
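
Added example, not zena's own code: the guard proposed in the comment above (raise when an unsanitized string reaches connection.execute) emulated with an explicit wrapper type, since Ruby's built-in taint/untaint was removed in Ruby 3.2. `Connection`, `SafeSql`, `TaintError`, the identifier regex and the simplified quoting are assumptions made for this demo.

```ruby
# Added example (not zena's code). Emulates "raise if a tainted string reaches
# connection.execute": only values that passed through quote, to_i or the
# identifier regex may be interpolated into custom SQL.

class TaintError < StandardError; end

# Marks a fragment as sanitized; only the three Connection helpers build one.
class SafeSql
  attr_reader :sql
  def initialize(sql)
    @sql = sql
  end
end

module Connection
  # Stand-in for ActiveRecord's connection.quote (assumption: doubling single
  # quotes is the only escaping needed for this demo).
  def self.quote(value)
    case value
    when Integer then SafeSql.new(value.to_s)
    when String
      escaped = value.gsub("'", "''")
      SafeSql.new("'#{escaped}'")
    else raise ArgumentError, "cannot quote #{value.class}"
    end
  end

  # The "to_i" path from the ticket: any input becomes a plain integer.
  def self.integer(value)
    SafeSql.new(value.to_i.to_s)
  end

  # The "simple regex" path: column/table names cannot be quoted as values,
  # so they are whitelisted against an identifier pattern instead.
  IDENTIFIER = /\A[a-z_][a-z0-9_]*\z/
  def self.identifier(name)
    unless name.is_a?(String) && IDENTIFIER.match?(name)
      raise TaintError, "bad identifier #{name.inspect}"
    end
    SafeSql.new(name)
  end

  # Assemble the custom SQL. Any fragment that did not pass through one of the
  # sanitizers above raises instead of reaching the database. Returns the SQL
  # text (no database here; a real connection would run it).
  def self.execute(template, *fragments)
    fragments.each do |f|
      raise TaintError, "unsanitized value reached execute: #{f.inspect}" unless f.is_a?(SafeSql)
    end
    format(template, *fragments.map(&:sql))
  end
end
```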

2007-08-29 18:14:55 changed by gaspard

  • summary changed from [SECURITY] quote all custom sql to [SECURITY] use taint/untaint before execution of custom sql.
  • milestone changed from 0.8 to 1.0.