We have a regression of SA-2006-005 - Drupal core - SQL injection vulnerability; db_query_range and friends do not ensure $from and $count are integers.
I doubt it is directly exploitable in core.
Comment | File | Size | Author |
---|---|---|---|
#7 | do-811776-prevent-sql-injection.patch | 2.67 KB | Heine |
#6 | do-811776-prevent-sql-injection.patch | 5.34 KB | Heine |
#4 | do-811776-prevent-sql-injection.patch | 5.34 KB | Heine |
#2 | do-811776-prevent-sql-injection.patch | 5.34 KB | Heine |
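To make the reported problem concrete, the following is an added illustration and is not Drupal's own code or the committed patch: a cut-down range-query wrapper in the shape of db_query_range(), with the form that appends $from and $count verbatim beside the form that casts them to int before building the LIMIT clause. The function names (range_query_unsafe, range_query_safe, range_query_strict), the table and column names, and the sample inputs are constructed for this example.

```php
<?php
// Added illustration, not Drupal core code. Runs stand-alone: php this_file.php
// The point of the issue: LIMIT/OFFSET values cannot be bound as placeholders
// in the same way as WHERE values in older drivers, so they are concatenated
// into the SQL text. If the caller can influence them, they must be integers.

// Unchecked shape: whatever is in $from / $count lands in the query text.
function range_query_unsafe(string $query, $from, $count): string {
  return $query . ' LIMIT ' . $from . ', ' . $count;
}

// Hardened shape: an (int) cast guarantees that only a signed decimal number
// reaches the query text. Note the caveat: the cast is silent, "5 UNION ..."
// becomes 5 and "abc" becomes 0, so bad input is neutralised, not reported.
function range_query_safe(string $query, $from, $count): string {
  return $query . ' LIMIT ' . (int) $from . ', ' . (int) $count;
}

// Stricter shape for code that should fail loudly on non-integer input:
// validate first, then cast. Rejects negatives as well, since a negative
// offset or count is never meaningful for a range query.
function range_query_strict(string $query, $from, $count): string {
  foreach (['from' => $from, 'count' => $count] as $name => $value) {
    if (filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]) === FALSE) {
      throw new InvalidArgumentException("\$$name must be a non-negative integer, got: " . var_export($value, TRUE));
    }
  }
  return $query . ' LIMIT ' . (int) $from . ', ' . (int) $count;
}

// Constructed inputs, as a page offset might arrive from the request.
$base = 'SELECT nid FROM {node}';
$inputs = [
  '0',
  '20',
  '0, 10; DROP TABLE node -- ',
  '5 UNION SELECT pass FROM users',
  'abc',
];

foreach ($inputs as $from) {
  echo "input:  " . var_export($from, TRUE) . "\n";
  echo "unsafe: " . range_query_unsafe($base, $from, 10) . "\n";
  echo "safe:   " . range_query_safe($base, $from, 10) . "\n";
  try {
    echo "strict: " . range_query_strict($base, $from, 10) . "\n";
  }
  catch (InvalidArgumentException $e) {
    echo "strict: rejected (" . $e->getMessage() . ")\n";
  }
  echo "\n";
}
```

The unsafe output for the third and fourth inputs shows the injected text sitting inside the query; the safe output reduces both to `LIMIT 0, 10` and `LIMIT 5, 10`. Whether to use the silent cast or the strict check is a design choice: the cast is the minimal fix for a database layer that must keep working with existing callers, while the strict variant is what you would want at the edge where request parameters are first accepted, so that tampering is visible in logs rather than quietly rounded away.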
Comments
Comment #1
Heine commented:

Comment #2
Heine commented: I hope I got them all.

Comment #4
Heine commented: Reroll

Comment #6
Heine commented: Last and final attempt. All EOLs have been confirmed to be LF.

Comment #7
Heine commented: And now forced UTF-8 instead of UTF-16LE.

Comment #8
catch commented: Looks good.

Comment #9
Dries commented: Looks good. Thanks Heine! If only PHP5 supported type hinting for integers ... :)

Comment #10
Crell commented: @Dries: There's discussion of that, actually, which has turned into a massive flame war and a demonstration of why the PHP development process is fundamentally broken. As of right now, PHP.next is a strictly-typed language rather than weakly-typed like every other PHP version in history. Hopefully that will change soon. :-(

Comment #11
Heine commented: @Dries, did you forget to commit it? I see no changes to the db drivers in CVS.

Comment #12
Dries commented: Committed. For real now.