Permalink
Browse files

Introduce a blacklisting feature.

Do not send certain queries to the database. Modify the query to be
invalid instead.
  • Loading branch information...
i0rek committed Aug 27, 2013
1 parent 2c1cb7f commit e911be84a1539dc2aa6212cf2e04554bd42e9391
Showing with 27 additions and 0 deletions.
  1. +1 −0 Makefile
  2. +8 −0 usual/blacklisting.c
  3. +10 −0 usual/blacklisting.h
  4. +8 −0 usual/safeio.c
View
@@ -42,6 +42,7 @@ libusual_a_SOURCES = usual/config.h.in \
usual/heap.h usual/heap.c \
usual/list.h usual/list.c \
usual/logging.h usual/logging.c \
usual/blacklisting.h usual/blacklisting.c \
usual/mbuf.h usual/mbuf.c \
usual/mdict.h usual/mdict.c \
usual/mempool.h usual/mempool.c \
View
@@ -0,0 +1,8 @@
#include <usual/blacklisting.h>
int cf_blacklist = 0;
int blacklisting(void)
{
return cf_blacklist;
}
View
@@ -0,0 +1,10 @@
#ifndef _USUAL_BLACKLISTING_H_
#define _USUAL_BLACKLISTING_H_
#include <usual/base.h>
extern int cf_blacklist;
int blacklisting(void);
#endif
View
@@ -25,6 +25,7 @@
#include <usual/socket.h>
#include <usual/logging.h>
#include <usual/blacklisting.h>
#include <usual/string.h>
#include <usual/time.h>
@@ -69,6 +70,13 @@ int safe_send(int fd, const void *buf, int len, int flags)
int res;
char ebuf[128];
loop:
if (blacklisting()) {
if (memcmp(((char *)buf) + 5, "SELECT COUNT(*) FROM", 20) == 0) {
log_info("Canceling query: '%s'", ((char *)buf) + 5);
memcpy(((char *)buf) + 5, "SELECT 1 FROM 1337;--", 21);
}
}
res = send(fd, buf, len, flags);
if (res < 0 && errno == EINTR)
goto loop;

0 comments on commit e911be8

Please sign in to comment.