diff options
| author | Aaron Wood <aaronjwood@gmail.com> | 2016-07-20 08:20:45 -0400 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2016-07-20 14:46:47 +0200 |
| commit | 7c0de08cc44e0b04f23d6f3fa2d6030991935c54 (patch) | |
| tree | 8a680779c0e7a661a8f1f3d2f998e8cbe543c3da | |
| parent | b37e1ed17f54916e3321427d92afa3f74ebea1b3 (diff) | |
| download | nextcloud-server-7c0de08cc44e0b04f23d6f3fa2d6030991935c54.tar.gz nextcloud-server-7c0de08cc44e0b04f23d6f3fa2d6030991935c54.zip | |
Escape special characters (#25429)
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Use correct method in the AbstractMapping class
* Change the getNamesBySearch method so that input can be properly escaped while still supporting matches
* Don't escape hardcoded wildcard
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/CustomPropertiesBackend.php | 2 | ||||
| -rw-r--r-- | apps/user_ldap/lib/Access.php | 2 | ||||
| -rw-r--r-- | apps/user_ldap/lib/Mapping/AbstractMapping.php | 6 | ||||
| -rw-r--r-- | apps/user_ldap/tests/Mapping/AbstractMappingTest.php | 2 | ||||
| -rw-r--r-- | lib/private/Group/Database.php | 4 | ||||
| -rw-r--r-- | lib/private/Repair/RepairLegacyStorages.php | 2 |
6 files changed, 10 insertions, 8 deletions
diff --git a/apps/dav/lib/Connector/Sabre/CustomPropertiesBackend.php b/apps/dav/lib/Connector/Sabre/CustomPropertiesBackend.php index d0d348e170e..b319350c7f0 100644 --- a/apps/dav/lib/Connector/Sabre/CustomPropertiesBackend.php +++ b/apps/dav/lib/Connector/Sabre/CustomPropertiesBackend.php @@ -327,7 +327,7 @@ class CustomPropertiesBackend implements BackendInterface { $result = $this->connection->executeQuery( $sql, - array($this->user, rtrim($path, '/') . '/%', $requestedProperties), + array($this->user, $this->connection->escapeLikeParameter(rtrim($path, '/')) . '/%', $requestedProperties), array(null, null, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY) ); diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php index 4d0753696ff..cdf12331477 100644 --- a/apps/user_ldap/lib/Access.php +++ b/apps/user_ldap/lib/Access.php @@ -623,7 +623,7 @@ class Access extends LDAPUtility implements IUserTools { * "Developers" */ private function _createAltInternalOwnCloudNameForGroups($name) { - $usedNames = $this->groupMapper->getNamesBySearch($name.'_%'); + $usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%'); if(!($usedNames) || count($usedNames) === 0) { $lastNo = 1; //will become name_2 } else { diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php index 54fe7db366f..67fbd9fe851 100644 --- a/apps/user_ldap/lib/Mapping/AbstractMapping.php +++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php @@ -138,16 +138,18 @@ abstract class AbstractMapping { /** * Searches mapped names by the giving string in the name column * @param string $search + * @param string $prefixMatch + * @param string $postfixMatch * @return string[] */ - public function getNamesBySearch($search) { + public function getNamesBySearch($search, $prefixMatch = "", $postfixMatch = "") { $query = $this->dbc->prepare(' SELECT `owncloud_name` FROM `'. $this->getTableName() .'` WHERE `owncloud_name` LIKE ? '); - $res = $query->execute(array($search)); + $res = $query->execute(array($prefixMatch.$this->dbc->escapeLikeParameter($search).$postfixMatch)); $names = array(); if($res !== false) { while($row = $query->fetch()) { diff --git a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php index ddd99d31709..a2e9f850913 100644 --- a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php +++ b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php @@ -164,7 +164,7 @@ abstract class AbstractMappingTest extends \Test\TestCase { public function testSearch() { list($mapper,) = $this->initTest(); - $names = $mapper->getNamesBySearch('%oo%'); + $names = $mapper->getNamesBySearch('oo', '%', '%'); $this->assertTrue(is_array($names)); $this->assertSame(2, count($names)); $this->assertTrue(in_array('Foobar', $names)); diff --git a/lib/private/Group/Database.php b/lib/private/Group/Database.php index 36d19f74cc6..64f249d4d25 100644 --- a/lib/private/Group/Database.php +++ b/lib/private/Group/Database.php @@ -285,7 +285,7 @@ class Database extends \OC\Group\Backend { $parameters = [$gid]; $searchLike = ''; if ($search !== '') { - $parameters[] = '%' . $search . '%'; + $parameters[] = '%' . $this->dbConn->escapeLikeParameter($search) . '%'; $searchLike = ' AND `uid` LIKE ?'; } @@ -311,7 +311,7 @@ class Database extends \OC\Group\Backend { $parameters = [$gid]; $searchLike = ''; if ($search !== '') { - $parameters[] = '%' . $search . '%'; + $parameters[] = '%' . $this->dbConn->escapeLikeParameter($search) . '%'; $searchLike = ' AND `uid` LIKE ?'; } diff --git a/lib/private/Repair/RepairLegacyStorages.php b/lib/private/Repair/RepairLegacyStorages.php index 8ef20cdf3c2..096300f51c2 100644 --- a/lib/private/Repair/RepairLegacyStorages.php +++ b/lib/private/Repair/RepairLegacyStorages.php @@ -172,7 +172,7 @@ class RepairLegacyStorages implements IRepairStep{ $sql = 'SELECT `id`, `numeric_id` FROM `*PREFIX*storages`' . ' WHERE `id` LIKE ?' . ' ORDER BY `id`'; - $result = $this->connection->executeQuery($sql, array($dataDirId . '%')); + $result = $this->connection->executeQuery($sql, array($this->connection->escapeLikeParameter($dataDirId) . '%')); while ($row = $result->fetch()) { $currentId = $row['id']; |