apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53666] The Sybase/FreeTDS driver is broken -- misparses the queries
Date Wed, 02 Jan 2013 21:35:07 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53666

--- Comment #7 from Nick Kew <nick@webthing.com> ---
I can believe that it's broken, especially in the parts marked as
unimplemented.

But why does your patch remove all the untainting code?  Can you explain, for
example, how a user of mod_authn_dbd executes the standard user lookup query
without opening the server to all kinds of SQL injection attack?

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message