fineract-commits mailing list archives

From GitBox <...@apache.org>
Subject [GitHub] [fineract] thesmallstar commented on issue #723: FINERACT-808 FIXES: Some Action names do not filter audit trails
Date Sun, 08 Mar 2020 16:08:24 GMT
thesmallstar commented on issue #723: FINERACT-808 FIXES: Some Action names do not filter audit trails
URL: https://github.com/apache/fineract/pull/723#issuecomment-596221641

@vorburger
Update (not final, but helpful conclusions):
For SQL injection to be possible inside a where query (something I tested):
   ![image](https://user-images.githubusercontent.com/42006277/76166260-4be30280-6183-11ea-869f-6f1e002278c1.png)
   
Here we expected the parts in city Paris with weight 17; SQL injection would end the quote and then add a semicolon (and maybe a new query ahead). We skipped the validation: city = Paris (this could have been a password?).
   
Now, in `sqlEncodedStringWithoutValidation` we add a quote to the start and end (since we need an initial quote and an end quote).
This made the search query from `17';` to `(start)'17(end)';'`. Next we replace each `'` with `''` -> `'17'';'`. This would escape the quote, which means we could not end the initial start of the search string; the new search query would be `(start)'17'';'(end)` (in all cases).
   
**Use of double quotes?**
Should not be a problem; SQL injection needs to use a single quote (since we append a single quote).
   
Well, I still could not remove **probably**, but :P probably we would not need the keywords to be compared in this special case? :P


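The quote-wrap-and-double escaping described in the comment above, as an added illustration that is not Fineract's own code: `quoteAndEscape` is a hypothetical stand-in for the behaviour attributed to `sqlEncodedStringWithoutValidation`, and `literalStaysClosed` is a defender-side check that no lone quote inside the result can terminate the literal early. It assumes the ANSI SQL rule (a quote inside a literal is written as two quotes) and does not cover dialect-specific backslash escaping, which a deployment would have to check separately.

```java
// Added example (hypothetical, not Fineract code): illustrates wrapping a raw
// search term in single quotes and doubling every single quote inside it.
import java.util.List;

public class SearchQuoteEscapeDemo {

    // Wrap the raw term in single quotes and double every inner single quote,
    // as the comment describes for sqlEncodedStringWithoutValidation.
    static String quoteAndEscape(String raw) {
        return "'" + raw.replace("'", "''") + "'";
    }

    // Check: the result must start and end with a quote, and every quote in
    // between must be one half of a doubled pair; a single unpaired inner
    // quote would close the literal and let the rest run into the query.
    static boolean literalStaysClosed(String escaped) {
        if (escaped.length() < 2
                || escaped.charAt(0) != '\''
                || escaped.charAt(escaped.length() - 1) != '\'') {
            return false;
        }
        String inner = escaped.substring(1, escaped.length() - 1);
        for (int i = 0; i < inner.length(); i++) {
            if (inner.charAt(i) == '\'') {
                if (i + 1 >= inner.length() || inner.charAt(i + 1) != '\'') {
                    return false; // unpaired quote: literal would end here
                }
                i++; // skip the partner quote of the doubled pair
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: a benign term, the "17';" shape from
        // the comment, a name containing a quote, and a bare quote.
        List<String> samples = List.of("17", "17';", "O'Brien", "'");
        for (String s : samples) {
            String escaped = quoteAndEscape(s);
            System.out.printf("%-10s -> %-14s closed=%b%n",
                    s, escaped, literalStaysClosed(escaped));
        }
    }
}
```

Parameterised queries (JDBC `PreparedStatement` placeholders) remain the standard alternative to building the literal by hand; the check above only verifies the hand-built form the comment discusses.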
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services
