| From: | barry(at)svr1(dot)postgresql(dot)org (Barry Lind) |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql-server/src/interfaces/jdbc/org/postgresq ... |
| Date: | 2003-07-22 05:17:09 |
| Message-ID: | 20030722051709.33BB1D1C4DC@svr1.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
CVSROOT: /cvsroot
Module name: pgsql-server
Changes by: barry(at)svr1(dot)postgresql(dot)org 03/07/22 02:17:09
Modified files:
src/interfaces/jdbc/org/postgresql: Driver.java.in
src/interfaces/jdbc/org/postgresql/jdbc1:
AbstractJdbc1Statement.java
Log message:
Fix to prevent SQL injection attacks for code calling setObject(int,Object,int)
where Object is a user supplied String and the type is a numeric type
(i.e. INTEGER,LONG,etc).
Also applied a patch from Kim Ho that fixes compile problems under jdk1.2
Modified Files:
jdbc/org/postgresql/Driver.java.in
jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Teodor Sigaev | 2003-07-22 13:23:09 | pgsql-server/contrib/tsearch README.tsearch |
| Previous Message | Barry Lind | 2003-07-22 05:13:06 | pgsql-server/src/interfaces/jdbc/org/postgresq ... |