mirrors/v
1
0
Fork 0
mirror of https://github.com/vlang/v.git synced 2025-09-13 22:42:26 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

mysql: fix unwrapped unsafe code of mysql lib (#6680). (#6681)

Browse source
This commit is contained in:
Rolf Schmidt 2020-10-26 10:21:28 +01:00 committed by GitHub
parent 8e478e8909
commit 3f5be0f4fc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

6
vlib/mysql/mysql.v
View file

@ -102,10 +102,8 @@ pub fn (conn Connection) tables(wildcard string) ?[]string {
// escape_string creates a legal SQL string for use in an SQL statement.
pub fn (conn Connection) escape_string(s string) string {
len := C.strlen(s.str)
to := malloc(2 * len + 1)
quote := byte(39) // single quote
C.mysql_real_escape_string_quote(conn.conn, to, s.str, len, quote)
to := malloc(2 * s.len + 1)
C.mysql_real_escape_string_quote(conn.conn, to, s.str, s.len, `\'`)
return unsafe {to.vstring()}
}