[OpenSIPS-Devel] [ opensips-Bugs-2721023 ] strtok in db_berkeley
SourceForge.net
noreply at sourceforge.net
Fri Oct 9 13:48:39 CEST 2009
Bugs item #2721023, was opened at 2009-03-29 20:46
Message generated for change (Comment added) made by andreidragus
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2721023&group_id=232389
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: trunk
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Andrei Dragus (andreidragus)
Summary: strtok in db_berkeley
Initial Comment:
db_berkeley uses pipe character (|) as a field delimiter in a row (row is just a character string). But for parsing the row it uses function strtok(row,"|") which will lead to errors when we have sequences of two and more pipes (i.e. the fields values between them are empty strings), because strtok never returns empty strings and proceeds to the next until non-empty token will be found. So it will result in a the wrong number of fields in processed row.
It would be better to switch to strsep function which process tokens one in a time.
----------------------------------------------------------------------
>Comment By: Andrei Dragus (andreidragus)
Date: 2009-10-09 14:48
Message:
Fixed starting with r 6239
----------------------------------------------------------------------
Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2009-09-27 13:56
Message:
First step will be fixing the strtok ->strsep
----------------------------------------------------------------------
Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2009-04-01 21:21
Message:
according the man page, there is no difference between strtok and strsep,
except handling the empty empty fields.
But, in both case, the risk for injection is the same, IMO. so it
shouldn;t be worst by replacing the functions.
BTW, is there any way of doing escaping for the | ?
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2009-03-30 08:20
Message:
Sorry, current implementation of db_berkeley is very limited and may be
even dangerous (what happens if attacker embeds into packet sent to server
a sequence of pipe characters which later will be inserted into database by
the server). So fixing the bugs there is senseless because the bugs so to
say compensate each other. Even better is not use the module.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2721023&group_id=232389
More information about the Devel
mailing list