Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Defend against undefined values in query parameters in the cgi_check_for_malice() routine. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
08df33aa4cae9f3a476ae50a6b6dc2fc |
User & Date: | drh 2024-04-09 17:38:01 |
Context
2024-04-10
| ||
11:31 | When preparing a pattern for FTS search, if the pattern is empty convert it into a double-quoted empty string, to avoid FTS5 errors. ... (check-in: 5bb323ff user: drh tags: trunk) | |
2024-04-09
| ||
17:38 | Defend against undefined values in query parameters in the cgi_check_for_malice() routine. ... (check-in: 08df33aa user: drh tags: trunk) | |
2024-04-08
| ||
12:40 | Update the built-in SQLite to the latest version from trunk, for SQLite testing. ... (check-in: e9d8c04c user: drh tags: trunk) | |
Changes
Changes to src/cgi.c.
︙ | ︙ | |||
2772 2773 2774 2775 2776 2777 2778 | ** implementation as possible, ideally just before it begins doing ** potentially CPU-intensive computations and after all query parameters ** have been consulted. */ void cgi_check_for_malice(void){ struct QParam * pParam; int i; | | | > > | > | 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 | ** implementation as possible, ideally just before it begins doing ** potentially CPU-intensive computations and after all query parameters ** have been consulted. */ void cgi_check_for_malice(void){ struct QParam * pParam; int i; for(i=0; i<nUsedQP; ++i){ pParam = &aParamQP[i]; if( 0==pParam->isFetched && pParam->zValue!=0 && pParam->zName!=0 && fossil_islower(pParam->zName[0]) ){ cgi_value_spider_check(pParam->zValue, pParam->zName); } } } |