rlm_sql sql_escape_func
Hagen Münch
hmuench at gordiancode.com
Tue Jan 8 15:32:47 CET 2019
Hello,
I met the problem that if there are string values in a data base that contain single-quotes, the radius_axlat function expands a "foo'bar" to "foo27bar" by using the sql_escape_func of the rlm_sql module.
I solved it by adding
---snip---
case '\'':
if (outlen <= 2) break;
out[0] = '\'';
out[1] = '\'';
in++;
out += 2;
outlen -= 2;
len += 2;
break;
---snip---
To the sql_escape_func.
Do you think this approach is appropriate and would it be possible to add this single-quote escape case to the v3.x source? Thank you.
Take care,
Hagen
More information about the Freeradius-Devel
mailing list