fix more sql injections

https://bugs.freedesktop.org/show_bug.cgi?id=42904 Signed-off-by: Richard Hughes <richard@hughsie.com>
author: Ludwig Nussel <ludwig.nussel@suse.de> 2011-11-25 11:14:21 +0100
committer: Richard Hughes <richard@hughsie.com> 2011-11-25 10:54:32 +0000
commit: 36549e0ed255e7dfa7852d08a75dd5f00cbd270e (patch)
tree: 78f8b4896f7a824ca455b106776278d30e4b3da6 /src/cd-device-db.c
parent: 1e9272c663eb8a519f0b9bfbffbd00ac364582c1 (diff)
download: colord-36549e0ed255e7dfa7852d08a75dd5f00cbd270e.tar.gz
1 files changed, 21 insertions, 21 deletions
diff --git a/src/cd-device-db.c b/src/cd-device-db.c
index 808a338..e69fa64 100644
--- a/src/cd-device-db.c
+++ b/src/cd-device-db.c
@@ -151,8 +151,8 @@ cd_device_db_add (CdDeviceDb *ddb,
 	g_return_val_if_fail (ddb->priv->db != NULL, FALSE);
 
 	g_debug ("CdDeviceDb: add device %s", device_id);
-	statement = g_strdup_printf ("INSERT INTO devices (device_id) "
-				     "VALUES ('%s')",
+	statement = sqlite3_mprintf ("INSERT INTO devices (device_id) "
+				     "VALUES ('%q')",
 				     device_id);
 
 	/* insert the entry */
@@ -168,7 +168,7 @@ cd_device_db_add (CdDeviceDb *ddb,
 		goto out;
 	}
 out:
-	g_free (statement);
+	sqlite3_free (statement);
 	return ret;
 }
 
@@ -191,9 +191,9 @@ cd_device_db_set_property (CdDeviceDb *ddb,
 	g_return_val_if_fail (ddb->priv->db != NULL, FALSE);
 
 	g_debug ("CdDeviceDb: add device %s [%s=%s]", device_id, property, value);
-	statement = g_strdup_printf ("INSERT INTO properties (device_id, "
+	statement = sqlite3_mprintf ("INSERT INTO properties (device_id, "
 				     "property, value) "
-				     "VALUES ('%s', '%s', '%s')",
+				     "VALUES ('%q', '%q', '%q')",
 				     device_id, property, value);
 
 	/* insert the entry */
@@ -209,7 +209,7 @@ cd_device_db_set_property (CdDeviceDb *ddb,
 		goto out;
 	}
 out:
-	g_free (statement);
+	sqlite3_free (statement);
 	return ret;
 }
 
@@ -232,8 +232,8 @@ cd_device_db_remove (CdDeviceDb *ddb,
 
 	/* remove the entry */
 	g_debug ("CdDeviceDb: remove device %s", device_id);
-	statement1 = g_strdup_printf ("DELETE FROM devices WHERE "
-				     "device_id = '%s';",
+	statement1 = sqlite3_mprintf ("DELETE FROM devices WHERE "
+				     "device_id = '%q';",
 				     device_id);
 	rc = sqlite3_exec (ddb->priv->db, statement1, NULL, NULL, &error_msg);
 	if (rc != SQLITE_OK) {
@@ -246,8 +246,8 @@ cd_device_db_remove (CdDeviceDb *ddb,
 		ret = FALSE;
 		goto out;
 	}
-	statement2 = g_strdup_printf ("DELETE FROM properties WHERE "
-				     "device_id = '%s';",
+	statement2 = sqlite3_mprintf ("DELETE FROM properties WHERE "
+				     "device_id = '%q';",
 				     device_id);
 	rc = sqlite3_exec (ddb->priv->db, statement2, NULL, NULL, &error_msg);
 	if (rc != SQLITE_OK) {
@@ -261,8 +261,8 @@ cd_device_db_remove (CdDeviceDb *ddb,
 		goto out;
 	}
 out:
-	g_free (statement1);
-	g_free (statement2);
+	sqlite3_free (statement1);
+	sqlite3_free (statement2);
 	return ret;
 }
 
@@ -302,9 +302,9 @@ cd_device_db_get_property (CdDeviceDb *ddb,
 	g_return_val_if_fail (ddb->priv->db != NULL, FALSE);
 
 	g_debug ("CdDeviceDb: get property %s for %s", property, device_id);
-	statement = g_strdup_printf ("SELECT value FROM properties WHERE "
-				     "device_id = '%s' AND "
-				     "property = '%s' LIMIT 1;",
+	statement = sqlite3_mprintf ("SELECT value FROM properties WHERE "
+				     "device_id = '%q' AND "
+				     "property = '%q' LIMIT 1;",
 				     device_id, property);
 
 	/* remove the entry */
@@ -338,7 +338,7 @@ cd_device_db_get_property (CdDeviceDb *ddb,
 	value = g_strdup (g_ptr_array_index (array_tmp, 0));
 out:
 	g_ptr_array_unref (array_tmp);
-	g_free (statement);
+	sqlite3_free (statement);
 	return value;
 }
 
@@ -360,7 +360,7 @@ cd_device_db_get_devices (CdDeviceDb *ddb,
 
 	/* get all the devices */
 	g_debug ("CdDeviceDb: get devices");
-	statement = g_strdup_printf ("SELECT device_id FROM devices;");
+	statement = sqlite3_mprintf ("SELECT device_id FROM devices;");
 	array_tmp = g_ptr_array_new_with_free_func (g_free);
 	rc = sqlite3_exec (ddb->priv->db,
 			   statement,
@@ -381,7 +381,7 @@ cd_device_db_get_devices (CdDeviceDb *ddb,
 	array = g_ptr_array_ref (array_tmp);
 out:
 	g_ptr_array_unref (array_tmp);
-	g_free (statement);
+	sqlite3_free (statement);
 	return array;
 }
 
@@ -404,8 +404,8 @@ cd_device_db_get_properties (CdDeviceDb *ddb,
 
 	/* get all the devices */
 	g_debug ("CdDeviceDb: get properties for device %s", device_id);
-	statement = g_strdup_printf ("SELECT property FROM properties "
-				     "WHERE device_id = '%s';",
+	statement = sqlite3_mprintf ("SELECT property FROM properties "
+				     "WHERE device_id = '%q';",
 				     device_id);
 	array_tmp = g_ptr_array_new_with_free_func (g_free);
 	rc = sqlite3_exec (ddb->priv->db,
@@ -427,7 +427,7 @@ cd_device_db_get_properties (CdDeviceDb *ddb,
 	array = g_ptr_array_ref (array_tmp);
 out:
 	g_ptr_array_unref (array_tmp);
-	g_free (statement);
+	sqlite3_free (statement);
 	return array;
 }
author	Ludwig Nussel <ludwig.nussel@suse.de>	2011-11-25 11:14:21 +0100
committer	Richard Hughes <richard@hughsie.com>	2011-11-25 10:54:32 +0000
commit	36549e0ed255e7dfa7852d08a75dd5f00cbd270e (patch)
tree	78f8b4896f7a824ca455b106776278d30e4b3da6 /src/cd-device-db.c
parent	1e9272c663eb8a519f0b9bfbffbd00ac364582c1 (diff)
download	colord-36549e0ed255e7dfa7852d08a75dd5f00cbd270e.tar.gz