[sr-dev] git:master:e617ef84: secfilter: little fix in w_check_sqli
Jose Luis Verdeguer
pepeluxx at gmail.com
Thu Nov 3 14:34:36 CET 2022
Module: kamailio
Branch: master
Commit: e617ef84c3bbd3bbcb780991bc45216112056f94
URL: https://github.com/kamailio/kamailio/commit/e617ef84c3bbd3bbcb780991bc45216112056f94
Author: Jose Luis Verdeguer <pepeluxx at gmail.com>
Committer: Jose Luis Verdeguer <pepeluxx at gmail.com>
Date: 2022-11-03T14:34:17+01:00
secfilter: little fix in w_check_sqli
---
Modified: src/modules/secfilter/secfilter.c
---
Diff: https://github.com/kamailio/kamailio/commit/e617ef84c3bbd3bbcb780991bc45216112056f94.diff
Patch: https://github.com/kamailio/kamailio/commit/e617ef84c3bbd3bbcb780991bc45216112056f94.patch
---
diff --git a/src/modules/secfilter/secfilter.c b/src/modules/secfilter/secfilter.c
index 90e7891aa6..5e967b2204 100644
--- a/src/modules/secfilter/secfilter.c
+++ b/src/modules/secfilter/secfilter.c
@@ -283,7 +283,7 @@ static int w_check_sqli(str val)
memcpy(cval, val.s, val.len);
if(strstr(cval, "'") || strstr(cval, "\"") || strstr(cval, "--")
- || strstr(cval, "%27") || strstr(cval, "%24")
+ || strstr(cval, "%27") || strstr(cval, "%22")
|| strstr(cval, "%60")) {
/* Illegal characters found */
lock_get(secf_lock);
More information about the sr-dev
mailing list