From: | barry(at)svr1(dot)postgresql(dot)org (Barry Lind) |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql-server/src/interfaces/jdbc/org/postgresq ... |
Date: | 2003-07-22 05:13:06 |
Message-ID: | 20030722051306.80B97D1C50F@svr1.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
CVSROOT: /cvsroot
Module name: pgsql-server
Changes by: barry(at)svr1(dot)postgresql(dot)org 03/07/22 02:13:05
Modified files:
src/interfaces/jdbc/org/postgresql: Tag: REL7_3_STABLE
Driver.java.in
src/interfaces/jdbc/org/postgresql/jdbc1: Tag: REL7_3_STABLE
AbstractJdbc1Statement.java
Log message:
Fix to prevent SQL injection attacks when calling setObject(int,Object,int)
where the Object is a String and the type is numeric (i.e. INTEGER,LONG,etc).
The fix applies the standard escaping for these values.
Modified Files:
Tag: REL7_3_STABLE
jdbc/org/postgresql/Driver.java.in
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
From | Date | Subject | |
---|---|---|---|
Next Message | Barry Lind | 2003-07-22 05:17:09 | pgsql-server/src/interfaces/jdbc/org/postgresq ... |
Previous Message | Bruce Momjian | 2003-07-22 01:06:52 | pgsql-server/doc TODO |