| From: | barry(at)svr1(dot)postgresql(dot)org (Barry Lind) |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql-server/src/interfaces/jdbc/org/postgresq ... |
| Date: | 2003-07-22 05:13:06 |
| Message-ID: | 20030722051306.80B97D1C50F@svr1.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
CVSROOT: /cvsroot
Module name: pgsql-server
Changes by: barry(at)svr1(dot)postgresql(dot)org 03/07/22 02:13:05
Modified files:
src/interfaces/jdbc/org/postgresql: Tag: REL7_3_STABLE
Driver.java.in
src/interfaces/jdbc/org/postgresql/jdbc1: Tag: REL7_3_STABLE
AbstractJdbc1Statement.java
Log message:
Fix to prevent SQL injection attacks when calling setObject(int,Object,int)
where the Object is a String and the type is numeric (i.e. INTEGER,LONG,etc).
The fix applies the standard escaping for these values.
Modified Files:
Tag: REL7_3_STABLE
jdbc/org/postgresql/Driver.java.in
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Barry Lind | 2003-07-22 05:17:09 | pgsql-server/src/interfaces/jdbc/org/postgresq ... |
| Previous Message | Bruce Momjian | 2003-07-22 01:06:52 | pgsql-server/doc TODO |