arno/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole synced 2025-01-18 12:00:55 +00:00
Code Issues Releases Wiki Activity

Use printf to escape domain content. This prevents possible SQL injection issues

Browse Source 
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER 2019-05-04 18:25:11 +02:00
parent 5246b3e496
commit a904c183df
No known key found for this signature in database
GPG Key ID: 00135ACBD90B28DD
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
advanced/Scripts/query.sh
View File

@ -104,7 +104,7 @@ fi
scanDatabaseTable() { scanDatabaseTable() {
local domain table type querystr result table_prev local domain table type querystr result table_prev
domain="${1}" domain="$(printf "%q" "${1}")"
table="${2}" table="${2}"
type="${3:-}" type="${3:-}"