We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
imported from http://trac.osgeo.org/mapserver/ticket/3907
The text was updated successfully, but these errors were encountered:
attachment http://trac.osgeo.org/mapserver/attachment/ticket/3907/pg.map :
Sorry, something went wrong.
attachment http://trac.osgeo.org/mapserver/attachment/ticket/3907/fix_3907.patch :
Proposed fix to avoid the SQL injection
If I can read https://github.com/mapserver/mapserver/blob/branch-7-0/maptime.c the patch has not been applied.
Probably a good idea to apply it. Since @rouault was the original reporter he would be the best to advise and apply it.
msValidateTimeValue(): reject strings with single quote character to …
463d31f
…avoid potential SQL injections (#3907)
aboudreault
No branches or pull requests
imported from http://trac.osgeo.org/mapserver/ticket/3907
The text was updated successfully, but these errors were encountered: