From cf9c47149f391074ccedf2fe76acce8a89309fbc Mon Sep 17 00:00:00 2001
From: Peter Keresztes Schmidt
Date: Tue, 29 Jun 2021 11:18:57 +0200
Subject: [PATCH] db: Add helper for escaping strings and use it
---
 src/zm_db.cpp | 12 ++++++++++++
 src/zm_db.h | 2 ++
 src/zm_event.cpp | 7 ++-----
 src/zm_logger.cpp | 6 +-----
 src/zm_user.cpp | 10 +---------
 5 files changed, 18 insertions(+), 19 deletions(-)
diff --git a/src/zm_db.cpp b/src/zm_db.cpp
index 7224241b4..1b811b7ee 100644
--- a/src/zm_db.cpp
+++ b/src/zm_db.cpp
@@ -267,3 +267,15 @@ void zmDbQueue::push(std::string &&sql) {
 mQueue.push(std::move(sql));
 mCondition.notify_all();
 }
+
+std::string zmDbEscapeString(const std::string& to_escape) {
+ // According to docs, size of safer_whatever must be 2 * length + 1
+ // due to unicode conversions + null terminator.
+ std::string escaped((to_escape.length() * 2) + 1, '\0');
+
+
+ size_t escaped_len = mysql_real_escape_string(&dbconn, &escaped[0], to_escape.c_str(), to_escape.length());
+ escaped.resize(escaped_len);
+
+ return escaped;
+}
diff --git a/src/zm_db.h b/src/zm_db.h
index c243aa6d6..a35b17c13 100644
--- a/src/zm_db.h
+++ b/src/zm_db.h
@@ -78,4 +78,6 @@ int zmDbDoUpdate(const char *query);
 MYSQL_RES * zmDbFetch(const char *query);
 zmDbRow *zmDbFetchOne(const char *query);
+std::string zmDbEscapeString(const std::string& to_escape);
+
 #endif // ZM_DB_H
diff --git a/src/zm_event.cpp b/src/zm_event.cpp
index b0215662a..9b612556a 100644
--- a/src/zm_event.cpp
+++ b/src/zm_event.cpp
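Review bot: The return value of `mysql_real_escape_string()` goes straight into `escaped.resize()` in zmDbEscapeString, so an error return is never checked. Newer MySQL client libraries document that the call fails and returns `(unsigned long)-1` when the NO_BACKSLASH_ESCAPES SQL mode is in effect; `resize()` would then throw in every caller, including the logger and the login lookup in zmLoadUser. I would keep the result as `unsigned long escaped_len` and add `if (escaped_len == static_cast<unsigned long>(-1)) return {};` before the resize, or use `mysql_real_escape_string_quote()` where the client library provides it. The helper also uses the global `dbconn` without checking that it is connected; among the call sites in this patch only the logger visibly tests `zmDbConnected` first.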
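Review bot: The new declaration of zmDbEscapeString in zm_db.h carries no comment stating its contract, and for an escaping helper the contract is the security boundary. I would add `// Escapes to_escape for use inside a single-quoted SQL string literal on dbconn; the caller supplies the quotes.` above it. The escaped value is not safe in an unquoted or backtick-quoted position, and the zm_event.cpp call site in this patch does wrap it in `'%s'` as required.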
@@ -402,12 +402,9 @@ void Event::updateNotes(const StringSetMap &newNoteSetMap) {
 Error("Unable to execute sql '%s': %s", sql, mysql_stmt_error(stmt));
 }
 #else
- char sql[ZM_SQL_LGE_BUFSIZ];
- static char escapedNotes[ZM_SQL_MED_BUFSIZ];
+ std::string escaped_notes = zmDbEscapeString(notes);
- mysql_real_escape_string(&dbconn, escapedNotes, notes.c_str(), notes.length());
-
- snprintf(sql, sizeof(sql), "UPDATE `Events` SET `Notes` = '%s' WHERE `Id` = %" PRIu64, escapedNotes, id);
+ std::string sql = stringtf("UPDATE `Events` SET `Notes` = '%s' WHERE `Id` = %" PRIu64, escaped_notes.c_str(), id);
 dbQueue.push(std::move(sql));
 #endif
 } // end if update
diff --git a/src/zm_logger.cpp b/src/zm_logger.cpp
index 580043488..841ee51cf 100644
--- a/src/zm_logger.cpp
+++ b/src/zm_logger.cpp
@@ -518,11 +518,7 @@ void Logger::logPrint(bool hex, const char *filepath, int line, int level, const
 if (level <= mDatabaseLevel) {
 if (zmDbConnected) {
- int syslogSize = syslogEnd - syslogStart;
- std::string escapedString;
- escapedString.resize((syslogSize * 2) + 1);
- mysql_real_escape_string(&dbconn, &escapedString[0], syslogStart, syslogSize);
- escapedString.resize(std::strlen(escapedString.c_str()));
+ std::string escapedString = zmDbEscapeString({syslogStart, syslogEnd});
 std::string sql_string = stringtf(
 "INSERT INTO `Logs` "
diff --git a/src/zm_user.cpp b/src/zm_user.cpp
index 85e858545..29bf7d327 100644
--- a/src/zm_user.cpp
+++ b/src/zm_user.cpp
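Review bot: The UPDATE in the `#else` branch of Event::updateNotes is now assembled by `stringtf`, whose implementation is not shown in this patch, so the statement's integrity depends on it never truncating. If `stringtf` formats into a bounded buffer, a long `escaped_notes` could cut the statement inside the quoted literal, as the removed `snprintf(sql, sizeof(sql), ...)` could, and the truncated text would still be queued with `dbQueue.push`. It is worth confirming that `stringtf` sizes its result dynamically, and recording that with a comment such as `// stringtf allocates to fit; the statement cannot be truncated`. The enclosing function starts and ends outside the hunk.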
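Review bot: `zmDbEscapeString({syslogStart, syslogEnd})` in Logger::logPrint relies on braced initialisation from two pointers (presumably `char` pointers, as the removed code subtracted them) resolving to the iterator-range constructor of `std::string`, which is easy to misread. Writing `zmDbEscapeString(std::string(syslogStart, syslogEnd))` states the intent directly. Because this sits on the logging path, any exception leaving the helper, for example from its `resize()`, would propagate out of a log call, so the helper should not throw on its error paths. logPrint begins and ends outside the hunk.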
@@ -85,15 +85,7 @@ bool User::canAccess(int monitor_id) {
 // Function to load a user from username and password
 // Please note that in auth relay mode = none, password is NULL
 User *zmLoadUser(const char *username, const char *password) {
- int username_length = strlen(username);
-
- // According to docs, size of safer_whatever must be 2*length+1
- // due to unicode conversions + null terminator.
- std::string escaped_username((username_length * 2) + 1, '\0');
-
-
- size_t escaped_len = mysql_real_escape_string(&dbconn, &escaped_username[0], username, username_length);
- escaped_username.resize(escaped_len);
+ std::string escaped_username = zmDbEscapeString(username);
 std::string sql = stringtf("SELECT `Id`, `Username`, `Password`, `Enabled`,"
 " `Stream`+0, `Events`+0, `Control`+0, `Monitors`+0, `System`+0,"
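Review bot: `zmDbEscapeString(username)` in zmLoadUser implicitly converts the `const char *username` to `std::string`, which is undefined behaviour when the pointer is null. The comment above the function says password may be NULL, but nothing in the hunk establishes that username cannot be. Since this is the authentication lookup, I would add `if (!username) return nullptr;` before the call. The removed code made the same assumption through `strlen(username)`, so this is an existing gap rather than a regression. zmLoadUser continues past the end of the hunk.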