Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-05-22 15:51:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixed sql injection bug using sqlite prepared statements.

Browse source 
added more doc detail to contentvalue (put takes private copy of data).
binds to content pointers take private copy of content.

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@6320 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
chrisparker126 2013-04-20 13:39:02 +00:00
parent 533d1f429a
commit c5c559ffe1
7 changed files with 372 additions and 180 deletions
Download patch file Download diff file Expand all files Collapse all files

98
libretroshare/src/util/rsdbbind.h Normal file
View file

@ -0,0 +1,98 @@
#ifndef RSDBBIND_H_
#define RSDBBIND_H_
/*
* RetroShare : RetroDb functionality
*
* Copyright 2013 Christopher Evi-Parker
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License Version 2 as published by the Free Software Foundation.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA.
*
* Please report all bugs and problems to "retroshare@lunamutt.com".
*
*/
#include <string>
#include <inttypes.h>
#include <sqlite3.h>
class RetroBind
{
public:
enum BindType { BLOB=1, STRING, INT32, INT64, DOUBLE, BOOL } ;
RetroBind(const BindType& type, int index) : mIndex(index), mType(type) {}
virtual bool bind(sqlite3_stmt* const stm) const = 0;
BindType getType() const { return mType; }
inline int getIndex() const { return mIndex;}
virtual ~RetroBind() {}
private:
int mIndex;
BindType mType;
};
class RsDoubleBind : public RetroBind
{
public:
RsDoubleBind(double value, int index);
bool bind(sqlite3_stmt* const stm) const;
double mValue;
};
class RsStringBind : public RetroBind
{
public:
RsStringBind(const std::string& value, int index);
bool bind(sqlite3_stmt* const stm) const ;
std::string mValue;
};
class RsInt32Bind : public RetroBind
{
public:
RsInt32Bind(int32_t value, int index);
bool bind(sqlite3_stmt* const stm) const ;
int32_t mValue;
};
class RsInt64bind : public RetroBind
{
public:
RsInt64bind(int64_t value, int index);
bool bind(sqlite3_stmt* const stm) const ;
int64_t mValue;
};
class RsBoolBind : public RetroBind
{
public:
RsBoolBind(bool value, int index);
bool bind(sqlite3_stmt* const stm) const ;
bool mValue;
};
class RsBlobBind : public RetroBind
{
public:
RsBlobBind(char* data, uint32_t dataLen, int index);
bool bind(sqlite3_stmt* const stm) const;
char* mData;
uint32_t mDataLen;
};
#endif /* RSDBBIND_H_ */