4 messages in com.mysql.lists.plusplusescape_string() buggy
FromSent OnAttachments
Sinisa Milivojevic31 Oct 2003 02:57 
Matthias Dahl31 Oct 2003 03:02 
Matthias Dahl31 Oct 2003 03:22 
Sinisa Milivojevic01 Nov 2003 02:54 
Subject:escape_string() buggy
From:Matthias Dahl (mdml@designassembly.de)
Date:10/31/2003 03:02:26 AM
List:com.mysql.lists.plusplus

Dear everyone,

during my tries to get my previous problem (post: "quote manipulators") solved, I have run into(what I consider) a serious bug.

The method escape_string() does *not* correctly escape '"' characters. It produces "\ instead of \". After a long search on the net, I even figured this is a long standing unfixed bug. This could lead to *serious* security related problems if one relies on this function to properly escape user input. A user could indirectly access the database by entering a modified string.

I hope this gets fixed sooner rather than later... thanks in advance! matthias dahl