Quick Links

SQL injection bug for null-terminated strings?

From:	joe user <palehaole(at)yahoo(dot)com>
To:	pgsql-jdbc(at)postgresql(dot)org
Subject:	SQL injection bug for null-terminated strings?
Date:	2003-09-01 04:01:50
Message-ID:	20030901040150.58626.qmail@web20419.mail.yahoo.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-jdbc

From looking at some logs, it looks like there might
be an SQL injection bug with null-terminated strings.
Is this a known problem? If it is not, I will try to
write a test program to trigger it.

Thanks for any info.

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

Responses

Re: SQL injection bug for null-terminated strings? at 2003-09-01 10:31:55 from Kris Jurka

Browse pgsql-jdbc by date

	From	Date	Subject
Next Message	Zak McGregor	2003-09-01 09:24:11	Further getLastOID() woes
Previous Message	joe user	2003-09-01 01:53:16	A JDBC bug or problem relating to string length in Java vs. PG (long)