From 0369256720811e5247cbbe24b2f875cce259e01c Mon Sep 17 00:00:00 2001
From: Melanie
Date: Sat, 26 Dec 2009 23:38:11 +0000
Subject: Close a SQL injection loophole in the new database driver

---
 OpenSim/Data/MySQL/MySQLGenericTableHandler.cs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'OpenSim/Data/MySQL/MySQLGenericTableHandler.cs')

diff --git a/OpenSim/Data/MySQL/MySQLGenericTableHandler.cs b/OpenSim/Data/MySQL/MySQLGenericTableHandler.cs
index 4dfc324..58b95d7 100644
--- a/OpenSim/Data/MySQL/MySQLGenericTableHandler.cs
+++ b/OpenSim/Data/MySQL/MySQLGenericTableHandler.cs
@@ -216,11 +216,12 @@ namespace OpenSim.Data.MySQL
 foreach (KeyValuePair kvp in data)
 {
 names.Add(kvp.Key);
- values.Add(kvp.Value);
+ values.Add("?" + kvp.Key);
+ cmd.Parameters.AddWithValue("?" + kvp.Key, kvp.Value);
 }
 }
- query = String.Format("replace into {0} (`", m_Realm) + String.Join("`,`", names.ToArray()) + "`) values ('" + String.Join("','", values.ToArray()) + "')";
+ query = String.Format("replace into {0} (`", m_Realm) + String.Join("`,`", names.ToArray()) + "`) values (" + String.Join(",", values.ToArray()) + ")";
 cmd.CommandText = query;
-- 
cgit v1.1
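Review bot: The values are now bound as command parameters, but the column names collected in `names` are still spliced raw between backticks on the new `query` line, so a key of `data` containing a backtick would still escape the identifier quoting; the hunk does not show where `data` comes from, so whether its keys are trusted cannot be confirmed here. Identifiers cannot be parameterized, so either validate each key before the `foreach`, e.g. `if (!Regex.IsMatch(kvp.Key, @"^[A-Za-z_][A-Za-z0-9_]*$")) throw new ArgumentException("invalid column name", nameof(data));`, or document on the method that `data` keys must be column names under the caller's control. The same check also guarantees that `"?" + kvp.Key` is a well-formed parameter name, which `AddWithValue` otherwise does not enforce. The enclosing method begins before this hunk and its body continues after it.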