hans/Nominatim
1
0
Fork 1
mirror of https://github.com/osm-search/Nominatim.git synced 2026-03-11 05:14:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

properly escape class parameter

Browse Source 
The class parameter was used as is, allowing for potential
SQL injection via the API.

Thanks to @bladeswords for finding this.
This commit is contained in:
Sarah Hoffmann
2020-05-02 23:01:27 +02:00
parent 627a487fcf
commit f549379e31
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/details.php
View File

@@ -37,7 +37,7 @@ if ($sOsmType && $iOsmId > 0) {
); );
// osm_type and osm_id are not unique enough // osm_type and osm_id are not unique enough
if ($sClass) { if ($sClass) {
$sSQL .= " AND class='".$sClass."'"; $sSQL .= " AND class='".pg_escape_string($sClass)."'";
} }
$sSQL .= ' ORDER BY class ASC'; $sSQL .= ' ORDER BY class ASC';
$sPlaceId = chksql($oDB->getOne($sSQL)); $sPlaceId = chksql($oDB->getOne($sSQL));