[open-ils-commits] [GIT] Evergreen ILS branch rel_2_1 updated. 0253ee1b3d203137ae7397353d1b5570552a15be

Evergreen Git git at git.evergreen-ils.org
Wed Jan 16 15:21:20 EST 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".

The branch, rel_2_1 has been updated
       via  0253ee1b3d203137ae7397353d1b5570552a15be (commit)
       via  a3fadc21f022c4efc1c2aa10f7a9bbb841396053 (commit)
       via  50970f5ff08f8d562527c2722312bc0c12cb25fe (commit)
       via  04c38b583ce3d1c4abb267364368f07c6dc80848 (commit)
       via  098a92af47770a3b7c2a73c5293c279082387ce0 (commit)
       via  6ec9a532d2e5d7dbb89089f456e4455bfa92f2ed (commit)
       via  675266c42dbada9cbc3054a46ea30a17e7560d2e (commit)
       via  61e5b66f22d21761e4851abea1b1eadff6081230 (commit)
       via  0608ae73a9c55993d4c32d277420704e9e515b6d (commit)
      from  2ab44b9ad4f85d6a50d271a8d6f98bf54b1432a6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0253ee1b3d203137ae7397353d1b5570552a15be
Author: Dan Scott <dscott at laurentian.ca>
Date:   Wed Jan 16 00:10:40 2013 -0500

    Commit the 2.1.5 changelog
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>

diff --git a/ChangeLog b/ChangeLog
index 726b8c3..87b976e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,112 +1,109 @@
-commit 0676b8be7da2684940362f1674851b357fa40956
+commit 693c174dd014b9b686c9eb169c75f2e5e5837416
 Author: Dan Scott <dscott at laurentian.ca>
-Date:   Thu Nov 1 23:33:20 2012 -0400
+Date:   Wed Jan 16 00:00:22 2013 -0500
 
-    Bumping version numbers and adding Changelog
+    Bumping version numbers for 2.1.5
+    
+    Also, add pertinent release notes entry.
     
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
 
-1	1	Open-ILS/src/perlmods/lib/OpenILS.pm
 1	1	Open-ILS/src/perlmods/lib/OpenILS/Application.pm
-1	0	Open-ILS/src/sql/Pg/002.schema.config.sql
-1	1	Open-ILS/xul/staff_client/chrome/content/main/about.html
-1	1	Open-ILS/xul/staff_client/defaults/preferences/prefs.js
-5	5	README
+1	2	Open-ILS/src/sql/Pg/002.schema.config.sql
+2	2	Open-ILS/xul/staff_client/windowssetup.nsi
+4	4	README
+35	0	RELEASE_NOTES.txt
 2	2	configure.ac
 
-commit 4ac42d85a4e62fa7208387fee4ac67574b1024f1
+commit 6fbd73b6456c34195ca1b975dbaa4dda8127696f
+Author: Galen Charlton <gmc at esilibrary.com>
+Date:   Tue Jan 15 11:30:41 2013 -0500
+
+    LP#1098377: protect against even more cstore segfaults
+    
+    Following up on the preceding patch, passing null
+    as the savepoint name to savepoint.release and
+    savepoint.rollback would also segfault cstore.
+    
+    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+    Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+12	0	Open-ILS/src/c-apps/oils_sql.c
+
+commit 32dafc405e39159adf9ad15fd78c07d4c0c38070
 Author: Bill Erickson <berick at esilibrary.com>
-Date:   Fri Nov 2 15:28:27 2012 -0400
+Date:   Tue Jan 15 10:58:16 2013 -0500
 
-    CStoreEditor auto-activity log redaction
+    Verify savepoint name is non-null
     
-    CStoreEditor logs all update calls to the activity log as key/value
-    pairs on the updated object.  Avoid loging key/value pairs for objects
-    when the API call being relayed by CStoreEditor is on the list of
-    log-protect API calls.  Instead, log "**DETAILS REDACTED**".
+    Before we attempt to mangle the name, let's ensure that it's non-null.
+    Otherwise, segfaults ensue.
     
     Signed-off-by: Bill Erickson <berick at esilibrary.com>
-    Signed-off-by: Dan Scott <dscott at laurentian.ca>
+    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
 
-20	3	Open-ILS/src/perlmods/lib/OpenILS/Utils/CStoreEditor.pm
+6	0	Open-ILS/src/c-apps/oils_sql.c
 
-commit 2fbc5777f8edda0ba211db1622b6fbf7d09f5865
+commit 8e5dfdc39c84d86e62c27670fd06cb2a7eac8a27
 Author: Dan Scott <dscott at laurentian.ca>
-Date:   Tue Nov 6 14:26:53 2012 -0500
+Date:   Fri Jan 11 01:32:13 2013 -0500
 
-    Document log redaction XML for opensrf_core.xml
+    Protect against overly long savepoint names
     
-    Based on Bill Erickson's original text.
+    Per http://postgresql.org/docs/9.1/static/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS,
+    the maximum identifier length works out to being 63 bytes (+1 for the
+    null terminator), so to avoid potential memory pressure by a 10GB string
+    somehow being passed in as the savepoint name, malloc no more than 64
+    bytes and copy no more than 63 bytes from the incoming name to the
+    escaped name.
     
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
+    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
 
-30	0	RELEASE_NOTES.txt
+16	2	Open-ILS/src/c-apps/oils_sql.c
 
-commit 97b0c04b74e3a8c3b98c7ea1ee5a3fd8d758705a
-Author: Bill Erickson <berick at esilibrary.com>
-Date:   Wed Oct 31 09:00:19 2012 -0400
+commit 4866458029567fc2af36a382dcc7fe3316e74350
+Author: Galen Charlton <gmc at esilibrary.com>
+Date:   Fri Jan 11 02:30:50 2013 -0500
 
-    Add sample log redaction config to EG opensrf_core
-    
-    Redact parameter logging for the following API calls:
-    
-    Login:
-    open-ils.auth.authenticate.verify
-    open-ils.auth.authenticate.complete
-    open-ils.auth_proxy.login
+    LP#1098377: sanitize savepoint names
     
-    User updates:
-    open-ils.actor.user.password
-    open-ils.actor.user.username
-    open-ils.actor.user.email
-    open-ils.actor.patron.update
-    open-ils.cstore.direct.actor.user.create
-    open-ils.cstore.direct.actor.user.update
-    open-ils.cstore.direct.actor.user.delete
+    When invoking open-ils.{cstore,pcrud,rstore}.savepoint.*, the
+    caller supplies a name for the savepoint.  However, the savepoint
+    names could be constructed so that the caller could execute
+    arbitrary SQL.  This patch sanitizes the name so that it contains
+    only alphanumeric and underscore characters.
     
-    Signed-off-by: Bill Erickson <berick at esilibrary.com>
+    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
+    
+    Conflicts:
+    	Open-ILS/src/c-apps/oils_sql.c
 
-18	0	Open-ILS/examples/opensrf_core.xml.example
+37	3	Open-ILS/src/c-apps/oils_sql.c
 
-commit c8ae69700a34ec126b01b58188f150376bd3f91c
-Author: Mike Rylander <mrylander at gmail.com>
-Date:   Wed Oct 10 17:36:52 2012 -0400
+commit 4e641eb976d0ed22cb96c76287622d34b32a886f
+Author: Dan Scott <dscott at laurentian.ca>
+Date:   Fri Nov 2 12:28:39 2012 -0400
 
-    Make it possible to suppress IDL fields
-    
-    Some clients of external services, particularly pcrud and
-    reporter-store, need to be able to access tables that contain columns
-    we'd rather restrict.  For instance, the passwd field on actor.usr.
-    
-    To effect this feature we provide a blacklist attribute for fields,
-    called suppress_controller, which works in the same way as the class
-    controller attribute but names controllers not allowed to use the field.
-    When the field is explicitly named in a query (fieldmapper select block
-    or json_query) an error is thrown, and suppressed fields are ingored in
-    general fieldmapper search/retreive requests.
+    Update ChangeLog for 2.1.4 release
     
-    Signed-off-by: Mike Rylander <mrylander at gmail.com>
-    Signed-off-by: Bill Erickson <berick at esilibrary.com>
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
 
-1	1	Open-ILS/examples/fm_IDL.xml
-1	0	Open-ILS/examples/fm_IDL.xsd
-7	0	Open-ILS/src/c-apps/oils_idl-core.c
-27	2	Open-ILS/src/c-apps/oils_sql.c
-3	0	Open-ILS/web/reports/xul/source-browse.js
-3	0	Open-ILS/web/reports/xul/source-setup.js
+70	211	ChangeLog
 
-commit 19d53bda570a3eeab65e6d88e4c963b40553986b
-Author: Thomas Berezansky <tsbere at mvlc.org>
-Date:   Tue Jun 19 12:23:09 2012 -0400
+commit 2df1d44645c07dd4a54d2d1392f76a3f8bdfbe90
+Author: Dan Scott <dscott at laurentian.ca>
+Date:   Thu Nov 1 23:33:20 2012 -0400
 
-    Can't use README for version, so use configure.ac
-    
-    Because one good "this works for now" being broken can be replaced with
-    another one easily.
+    Bumping version numbers for 2.1.4
     
-    Signed-off-by: Thomas Berezansky <tsbere at mvlc.org>
-    Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+    Signed-off-by: Dan Scott <dscott at laurentian.ca>
 
-2	2	Open-ILS/xul/staff_client/Makefile.am
+1	1	Open-ILS/src/perlmods/lib/OpenILS.pm
+1	1	Open-ILS/src/perlmods/lib/OpenILS/Application.pm
+1	0	Open-ILS/src/sql/Pg/002.schema.config.sql
+1	1	Open-ILS/xul/staff_client/chrome/content/main/about.html
+1	1	Open-ILS/xul/staff_client/defaults/preferences/prefs.js
+5	5	README
+2	2	configure.ac

commit a3fadc21f022c4efc1c2aa10f7a9bbb841396053
Author: Dan Scott <dscott at laurentian.ca>
Date:   Wed Jan 16 00:00:22 2013 -0500

    Bumping version numbers for 2.1.5
    
    Also, add pertinent release notes entry.
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
index 3abe09b..d362857 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
@@ -6,7 +6,7 @@ use base qw/OpenSRF::Application/;
 sub ils_version {
     # version format is "x-y-z", for example "2-0-0" for Evergreen 2.0.0
     # For branches, format is "x-y"
-    return "2-1-4";
+    return "2-1-5";
 }
 
 __PACKAGE__->register_method(
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 61faf57..8ed0f9b 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -58,8 +58,7 @@ CREATE TABLE config.upgrade_log (
 );
 
 INSERT INTO config.upgrade_log (version) VALUES ('0726'); -- denials
-INSERT INTO config.upgrade_log (version) VALUES ('2.1.4');
-INSERT INTO config.upgrade_log (version) VALUES ('2.1.3');
+INSERT INTO config.upgrade_log (version) VALUES ('2.1.5');
 
 CREATE TABLE config.bib_source (
 	id		SERIAL	PRIMARY KEY,
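
Review bot: The seed rows for '2.1.3' and '2.1.4' are both removed here and only '2.1.5' is inserted. If anything reads config.upgrade_log to decide which point releases a fresh install already covers, keep the earlier rows; otherwise say in the commit message that only the current version is meant to be recorded.
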
diff --git a/Open-ILS/xul/staff_client/windowssetup.nsi b/Open-ILS/xul/staff_client/windowssetup.nsi
index 04a8e96..42e8258 100644
--- a/Open-ILS/xul/staff_client/windowssetup.nsi
+++ b/Open-ILS/xul/staff_client/windowssetup.nsi
@@ -5,8 +5,8 @@
 ;!define /file PRODUCT_VERSION "client/VERSION"
 !define PRODUCT_TAG "2.1"
 !define PRODUCT_INSTALL_TAG "${PRODUCT_TAG}"
-!define UI_IMAGESET "beta"
-;!define UI_IMAGESET "release"
+;!define UI_IMAGESET "beta"
+!define UI_IMAGESET "release"
 !define PRODUCT_NAME "Evergreen Staff Client ${PRODUCT_TAG}"
 !define PRODUCT_PUBLISHER "Evergreen Community"
 !define PRODUCT_WEB_SITE "http://evergreen-ils.org/"
diff --git a/README b/README
index 6102154..0e38f7c 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-README for Evergreen 2.1.4
+README for Evergreen 2.1.5
 ==========================
 
 Preamble: referenced user accounts
@@ -38,8 +38,8 @@ the following commands as the *user* Linux account:
 
 [source, bash]
 ------------------------------------------------------------------------------
-wget -c http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.1.4.tar.gz
-tar xzf previews/Evergreen-ILS-2.1.4.tar.gz
+wget -c http://evergreen-ils.org/downloads/Evergreen-ILS-2.1.5.tar.gz
+tar xzf Evergreen-ILS-2.1.5.tar.gz
 ------------------------------------------------------------------------------
 
 Preamble: Developer instructions
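
Review bot: In the download step, the tarball is fetched over plain `http://` and unpacked straight away with `tar xzf`, with no integrity check in between. Since these two lines are being touched for the release anyway, consider documenting a checksum or signature verification step between them, using a digest published alongside the release.
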
@@ -172,7 +172,7 @@ Installation instructions
 +
 [source, bash]
 ------------------------------------------------------------------------------
-make STAFF_CLIENT_STAMP_ID=rel_2_1_4 install
+make STAFF_CLIENT_STAMP_ID=rel_2_1_5 install
 ------------------------------------------------------------------------------
 +
 2. The server portion of the staff client expects `http://hostname/xul/server`
diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt
index 6df7e8a..046aa2f 100644
--- a/RELEASE_NOTES.txt
+++ b/RELEASE_NOTES.txt
@@ -1,6 +1,41 @@
 Evergreen 2.1 release notes
 ===========================
 
+Upgrade notes
+-------------
+
+SQL injection fix
+~~~~~~~~~~~~~~~~~
+To prevent arbitrary SQL being executed, the names of savepoints are now
+sanitized in open-ils.pcrud and open-ils.cstore operations.
+
+Log Protect (redaction)
+~~~~~~~~~~~~~~~~~~~~~~~
+To prevent sensitive information such as passwords from being logged
+in general activity logs, add the following XML chunk to the bottom of
+`opensrf_core.xml`, just inside the `<config>` section:
+
+[source, xml]
+----------------------------------------------------------------
+  ...
+  </routers>
+  <shared> <!-- new block starts here -->
+    <log_protect>
+      <match_string>open-ils.auth.authenticate.verify</match_string>
+      <match_string>open-ils.auth.authenticate.complete</match_string>
+      <match_string>open-ils.auth_proxy.login</match_string>
+      <match_string>open-ils.actor.user.password</match_string>
+      <match_string>open-ils.actor.user.username</match_string>
+      <match_string>open-ils.actor.user.email</match_string>
+      <match_string>open-ils.actor.patron.update</match_string>
+      <match_string>open-ils.cstore.direct.actor.user.create</match_string>
+      <match_string>open-ils.cstore.direct.actor.user.update</match_string>
+      <match_string>open-ils.cstore.direct.actor.user.delete</match_string>
+    </log_protect>
+  </shared> <!-- new block ends here -->
+</config>
+----------------------------------------------------------------
+
 Installation enhancements
 -------------------------
 * `eg_db_config.pl` now has a `--create-database` option to automatically create
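
Review bot: The "SQL injection fix" entry names only open-ils.pcrud and open-ils.cstore, while the commit message for the fix (LP#1098377) lists open-ils.{cstore,pcrud,rstore}.savepoint.*; add open-ils.rstore so sites can see that all three services are covered. It would also help integrators to state the visible behaviour change: characters other than letters, digits and underscore are stripped from savepoint names, and names are capped at 63 bytes.
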
diff --git a/configure.ac b/configure.ac
index aa1a841..e3e94d8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -20,8 +20,8 @@
 
 export PATH=${PATH}:/usr/sbin
 AC_PREREQ(2.61)
-AC_INIT(Open-ILS, 2.1.4, open-ils-dev at list.georgialibraries.org)
-AM_INIT_AUTOMAKE([OpenILS], [2.1.4])
+AC_INIT(Open-ILS, 2.1.5, open-ils-dev at list.georgialibraries.org)
+AM_INIT_AUTOMAKE([OpenILS], [2.1.5])
 AC_REVISION($Revision: 0.1 $)
 AC_CONFIG_SRCDIR([configure.ac])
 AC_PREFIX_DEFAULT([/openils/])

commit 50970f5ff08f8d562527c2722312bc0c12cb25fe
Author: Galen Charlton <gmc at esilibrary.com>
Date:   Tue Jan 15 11:30:41 2013 -0500

    LP#1098377: protect against even more cstore segfaults
    
    Following up on the preceding patch, passing null
    as the savepoint name to savepoint.release and
    savepoint.rollback would also segfault cstore.
    
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
    Signed-off-by: Dan Scott <dscott at laurentian.ca>

diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index 033e265..d611439 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -953,6 +953,12 @@ int releaseSavepoint( osrfMethodContext* ctx ) {
 
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+
+	if (!spName) {
+		osrfLogWarning(OSRF_LOG_MARK, "savepoint.release called with no name");
+		return -1;
+	}
+
 	char *safeSpName = _sanitize_savepoint_name( spName );
 
 	dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName );
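
Review bot: In the new `if (!spName)` branch of releaseSavepoint, the failure is only logged with osrfLogWarning before `return -1;`. If the `if( !result )` path further down reports an error status to the client, do the same here so that a caller who omits the name gets an explicit error rather than a bare failure.
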
@@ -1026,6 +1032,12 @@ int rollbackSavepoint( osrfMethodContext* ctx ) {
 
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+
+	if (!spName) {
+		osrfLogWarning(OSRF_LOG_MARK, "savepoint.rollback called with no name");
+		return -1;
+	}
+
 	char *safeSpName = _sanitize_savepoint_name( spName );
 
 	dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName );
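
Review bot: This is now the third copy of the same six-line NULL guard (setSavepoint, releaseSavepoint, rollbackSavepoint), differing only in the log string. _sanitize_savepoint_name is documented as returning "sanitized savepoint name, or NULL", so the check could live there, with each caller testing the return value once; that would also protect any future caller.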

commit 04c38b583ce3d1c4abb267364368f07c6dc80848
Author: Bill Erickson <berick at esilibrary.com>
Date:   Tue Jan 15 10:58:16 2013 -0500

    Verify savepoint name is non-null
    
    Before we attempt to mangle the name, let's ensure that it's non-null.
    Otherwise, segfaults ensue.
    
    Signed-off-by: Bill Erickson <berick at esilibrary.com>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>

diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index 59aa5b8..033e265 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -874,6 +874,12 @@ int setSavepoint( osrfMethodContext* ctx ) {
 
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+
+	if (!spName) {
+		osrfLogWarning(OSRF_LOG_MARK, "savepoint.set called with no name");
+		return -1;
+	}
+
 	char *safeSpName = _sanitize_savepoint_name( spName );
 
 	dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", safeSpName );
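
Review bot: The guard before `_sanitize_savepoint_name( spName )` covers NULL only. An empty string, or a name made up entirely of characters the sanitizer strips, still reaches `SAVEPOINT \"%s\";` with a zero-length identifier and fails in the database instead of being rejected up front. Check `safeSpName[0]` after sanitizing and take the same warning-and-return path.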

commit 098a92af47770a3b7c2a73c5293c279082387ce0
Author: Dan Scott <dscott at laurentian.ca>
Date:   Fri Jan 11 01:32:13 2013 -0500

    Protect against overly long savepoint names
    
    Per http://postgresql.org/docs/9.1/static/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS,
    the maximum identifier length works out to being 63 bytes (+1 for the
    null terminator), so to avoid potential memory pressure by a 10GB string
    somehow being passed in as the savepoint name, malloc no more than 64
    bytes and copy no more than 63 bytes from the incoming name to the
    escaped name.
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>

diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index c7b830c..59aa5b8 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -7042,11 +7042,25 @@ static void clear_query_stack( void ) {
 static char* _sanitize_savepoint_name( const char* sp ) {
 
 	const char* safe_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345789_";
-	char* safeSpName = safe_malloc( strlen( sp ) + 1);
+
+	// PostgreSQL uses NAMEDATALEN-1 as a max length for identifiers,
+	// and the default value of NAMEDATALEN is 64; that should be long enough
+	// for our purposes, and it's unlikely that anyone is going to recompile
+	// PostgreSQL to have a smaller value, so cap the identifier name
+	// accordingly to avoid the remote chance that someone manages to pass in a
+	// 12GB savepoint name
+	const int MAX_LITERAL_NAMELEN = 63;
+	int len = 0;
+	len = strlen( sp );
+	if (len > MAX_LITERAL_NAMELEN) {
+		len = MAX_LITERAL_NAMELEN;
+	}
+
+	char* safeSpName = safe_malloc( len + 1 );
 	int i = 0;
 	int j;
 	char* found;
-	for (j = 0; j < strlen( sp ); j++) {
+	for (j = 0; j < len; j++) {
 	found = strchr(safe_chars, sp[j]);
 		if (found) {
 			safeSpName[ i++ ] = found[0];
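
Review bot: `len = strlen( sp );` stores a size_t in an `int`, so for exactly the multi-gigabyte input this change is meant to handle, the value can wrap negative, skip the `len > MAX_LITERAL_NAMELEN` clamp and reach `safe_malloc( len + 1 )` with a bogus size. Declare `len` as size_t, or better, use `strnlen( sp, MAX_LITERAL_NAMELEN )` so the whole input is not scanned just to be truncated. Minor: the code comment says 12GB while the commit message says 10GB.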

commit 6ec9a532d2e5d7dbb89089f456e4455bfa92f2ed
Author: Galen Charlton <gmc at esilibrary.com>
Date:   Fri Jan 11 02:30:50 2013 -0500

    LP#1098377: sanitize savepoint names
    
    When invoking open-ils.{cstore,pcrud,rstore}.savepoint.*, the
    caller supplies a name for the savepoint.  However, the savepoint
    names could be constructed so that the caller could execute
    arbitrary SQL.  This patch sanitizes the name so that it contains
    only alphanumeric and underscore characters.
    
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
    Signed-off-by: Dan Scott <dscott at laurentian.ca>
    
    Conflicts:
    	Open-ILS/src/c-apps/oils_sql.c

diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index 2f19ddb..c7b830c 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -143,6 +143,8 @@ static int perm_at_threshold = 5;
 static int enforce_pcrud = 0;     // Boolean
 static char* modulename = NULL;
 
+static char* _sanitize_savepoint_name( const char* sp );
+
 /**
 	@brief Connect to the database.
 	@return A database connection if successful, or NULL if not.
@@ -872,8 +874,10 @@ int setSavepoint( osrfMethodContext* ctx ) {
 
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+	char *safeSpName = _sanitize_savepoint_name( spName );
 
-	dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", spName );
+	dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", safeSpName );
+	free( safeSpName );
 	if( !result ) {
 		const char* msg;
 		int errnum = dbi_conn_error( writehandle, &msg );
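
Review bot: `safeSpName` is substituted for the caller's name silently, so two distinct names that differ only in stripped characters (for example `sp-1` and `sp1`) now refer to the same savepoint, and the caller is not told. Rejecting a name that contains disallowed characters would be safer than rewriting it. Note also that `spName` is passed to the sanitizer unchecked at this point in the series; the NULL guard only arrives in the follow-up commits.
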
@@ -943,8 +947,10 @@ int releaseSavepoint( osrfMethodContext* ctx ) {
 
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+	char *safeSpName = _sanitize_savepoint_name( spName );
 
-	dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", spName );
+	dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName );
+	free( safeSpName );
 	if( !result ) {
 		const char* msg;
 		int errnum = dbi_conn_error( writehandle, &msg );
@@ -1014,8 +1020,10 @@ int rollbackSavepoint( osrfMethodContext* ctx ) {
 
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+	char *safeSpName = _sanitize_savepoint_name( spName );
 
-	dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", spName );
+	dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName );
+	free( safeSpName );
 	if( !result ) {
 		const char* msg;
 		int errnum = dbi_conn_error( writehandle, &msg );
@@ -7022,4 +7030,30 @@ static void clear_query_stack( void ) {
 		pop_query_frame();
 }
 
+/**
+	@brief Remove all but safe character from savepoint name
+	@param sp User-supplied savepoint name
+	@return sanitized savepoint name, or NULL
+
+    The caller is expected to free the returned string.  Note that
+    this function exists only because we can't use PQescapeLiteral
+    without either forking libdbi or abandoning it.
+*/
+static char* _sanitize_savepoint_name( const char* sp ) {
+
+	const char* safe_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345789_";
+	char* safeSpName = safe_malloc( strlen( sp ) + 1);
+	int i = 0;
+	int j;
+	char* found;
+	for (j = 0; j < strlen( sp ); j++) {
+	found = strchr(safe_chars, sp[j]);
+		if (found) {
+			safeSpName[ i++ ] = found[0];
+		}
+	}
+	safeSpName[ i ] = '\0';
+	return safeSpName;
+}
+
 /*@}*/
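
Review bot: The `safe_chars` whitelist ends in `012345789_`, which has no '6', so a savepoint name such as `sp6` is silently rewritten to `sp`. Add the missing digit, or replace the lookup string with explicit character-range checks so the set cannot be mistyped. Also, the doc comment promises "or NULL" but the function never returns NULL and calls strlen() on `sp` without checking it, and `strlen( sp )` in the loop condition is re-evaluated on every iteration. Since the name is used as a double-quoted identifier, the libpq routine the comment is reaching for would be PQescapeIdentifier rather than PQescapeLiteral.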

commit 675266c42dbada9cbc3054a46ea30a17e7560d2e
Author: Dan Scott <dscott at laurentian.ca>
Date:   Fri Nov 2 12:28:39 2012 -0400

    Update ChangeLog for 2.1.4 release
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>

diff --git a/ChangeLog b/ChangeLog
index 9e42d2c..726b8c3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,253 +1,112 @@
-commit 3e5d3dac5ea261aa683ff467589f65f8ce72a4c7
+commit 0676b8be7da2684940362f1674851b357fa40956
 Author: Dan Scott <dscott at laurentian.ca>
-Date:   Tue Aug 21 21:36:39 2012 -0400
+Date:   Thu Nov 1 23:33:20 2012 -0400
 
-    Add upgrade script for 2.1.2-2.1.3
+    Bumping version numbers and adding Changelog
     
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
 
-114	0	Open-ILS/src/sql/Pg/version-upgrade/2.1.2-2.1.3-upgrade-db.sql
-4	4	README
- create mode 100644 Open-ILS/src/sql/Pg/version-upgrade/2.1.2-2.1.3-upgrade-db.sql
+1	1	Open-ILS/src/perlmods/lib/OpenILS.pm
+1	1	Open-ILS/src/perlmods/lib/OpenILS/Application.pm
+1	0	Open-ILS/src/sql/Pg/002.schema.config.sql
+1	1	Open-ILS/xul/staff_client/chrome/content/main/about.html
+1	1	Open-ILS/xul/staff_client/defaults/preferences/prefs.js
+5	5	README
+2	2	configure.ac
 
-commit 1fe63a158ddedc3eb8f752e629889af0d6d3eb3b
+commit 4ac42d85a4e62fa7208387fee4ac67574b1024f1
 Author: Bill Erickson <berick at esilibrary.com>
-Date:   Thu Aug 16 15:40:58 2012 -0400
+Date:   Fri Nov 2 15:28:27 2012 -0400
 
-    Sanity check cstore limit/offset param values
+    CStoreEditor auto-activity log redaction
     
-    Certain cstore calls (direct / json_query) that support limit/offset
-    params called with a non-string / non-numeric value
-    
-    e.g. { "limit": null }
-    
-    result in a cstore segfault as it tries to call atoi(NULL) under the
-    covers.  This patch prevents this by verifying that the limit/offset
-    values are actual strings or numbers (i.e. return a value from
-    jsonObjectGetString) and not JSON_NULL, etc.
+    CStoreEditor logs all update calls to the activity log as key/value
+    pairs on the updated object.  Avoid loging key/value pairs for objects
+    when the API call being relayed by CStoreEditor is on the list of
+    log-protect API calls.  Instead, log "**DETAILS REDACTED**".
     
     Signed-off-by: Bill Erickson <berick at esilibrary.com>
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
 
-20	12	Open-ILS/src/c-apps/oils_sql.c
+20	3	Open-ILS/src/perlmods/lib/OpenILS/Utils/CStoreEditor.pm
 
-commit a5dd95f0bb2bbc3d4b6ea1e5ddd75f705a6ceadc
+commit 2fbc5777f8edda0ba211db1622b6fbf7d09f5865
 Author: Dan Scott <dscott at laurentian.ca>
-Date:   Mon Jul 16 13:27:54 2012 -0400
+Date:   Tue Nov 6 14:26:53 2012 -0500
 
-    Hide OPAC-invisible holdings from SRU/Z39.50
-    
-    The basic_holdings Supercat method filtered out deleted call numbers and
-    copies, but didn't filter out copies based on the OPAC visibility status
-    of copy location / status / the copy itself. This has undesired results
-    when third-party services request copies via SRU or Z39.50 and expose
-    copies that should not be visible to the public.
+    Document log redaction XML for opensrf_core.xml
     
-    We wrap all of the visibility and deletedness checks for a given copy up
-    into a subroutine so that we can avoid repeating ourselves in the
-    basic_holdings logic. Also, if we missed a test, we can add it in one
-    handy place :)
-    
-    (Thanks to Galen Charlton for finding two missing tests: circ lib
-    visibility and owning lib visibility!)
+    Based on Bill Erickson's original text.
     
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
-    Signed-off-by: Art Rhyno <art632000 at yahoo.ca>
-
-20	2	Open-ILS/src/perlmods/lib/OpenILS/Application/SuperCat.pm
 
-commit c8e6fa563f7e83be28783c81b8d7e13a7b8576aa
-Author: Melissa Lefebvre <mlefebvre at biblio.org>
-Date:   Tue Aug 14 12:58:18 2012 -0400
-
-    Change grammar for lost and missing failure messages
-    
-    Update to the lost and missing failure wording to make it
-    gramatically correct.  Removed the word "has" from both
-    messages.
-    
-    Signed-off-by: Melissa Lefebvre <mlefebvre at biblio.org>
-    Signed-off-by: Dan Scott <dscott at laurentian.ca>
+30	0	RELEASE_NOTES.txt
 
-2	2	Open-ILS/src/extras/ils_events.xml
-
-commit caa9a9ee35f22c3f6b613bd7210887dc0e3b65f4
-Author: Steven Chan <schan at sitka.bclibraries.ca>
-Date:   Sun Jul 8 11:20:11 2012 -0700
+commit 97b0c04b74e3a8c3b98c7ea1ee5a3fd8d758705a
+Author: Bill Erickson <berick at esilibrary.com>
+Date:   Wed Oct 31 09:00:19 2012 -0400
 
-    Fix LP 829630, Show in Catalogue not working on Bills screen
+    Add sample log redaction config to EG opensrf_core
     
-    The page is looking for a messagecatalog XUL element with id
-    'catStrings', but is not finding it, and so we add it to the relevant
-    XUL file.
+    Redact parameter logging for the following API calls:
     
-    It's odd why it is omitted, because a browse through the repository
-    doesn't show any changes that would explain the error.
-    
-    Signed-off-by: James Fournie <jfournie at sitka.bclibraries.ca>
-    Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
-
-1	0	Open-ILS/xul/staff_client/server/patron/bill2.xul
-
-commit d66b20e415aebf2b3308f37cb25a6612ac1fcd19
-Author: Dan Scott <dscott at laurentian.ca>
-Date:   Fri Jul 27 16:27:29 2012 -0400
-
-    Use MARC::Field objects to append new fields
+    Login:
+    open-ils.auth.authenticate.verify
+    open-ils.auth.authenticate.complete
+    open-ils.auth_proxy.login
     
-    While the deprecated MARC::Record::add_fields() method allows you to add
-    a list of fields using a list object, append_fields() requires
-    MARC::Field objects.
+    User updates:
+    open-ils.actor.user.password
+    open-ils.actor.user.username
+    open-ils.actor.user.email
+    open-ils.actor.patron.update
+    open-ils.cstore.direct.actor.user.create
+    open-ils.cstore.direct.actor.user.update
+    open-ils.cstore.direct.actor.user.delete
     
+    Signed-off-by: Bill Erickson <berick at esilibrary.com>
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
-    Signed-off-by: Thomas Berezansky <tsbere at mvlc.org>
-    
-    Conflicts:
-    	Open-ILS/src/sql/Pg/002.schema.config.sql
 
-8	10	Open-ILS/src/sql/Pg/002.functions.config.sql
-1	1	Open-ILS/src/sql/Pg/002.schema.config.sql
-103	0	Open-ILS/src/sql/Pg/upgrade/0726.schema.fix_maintain_901_regex.sql
- create mode 100644 Open-ILS/src/sql/Pg/upgrade/0726.schema.fix_maintain_901_regex.sql
+18	0	Open-ILS/examples/opensrf_core.xml.example
 
-commit 08ad5769028661d8e8acf396443d346a3fe79ffb
-Author: Galen Charlton <gmc at esilibrary.com>
-Date:   Fri Jul 27 11:23:46 2012 -0400
+commit c8ae69700a34ec126b01b58188f150376bd3f91c
+Author: Mike Rylander <mrylander at gmail.com>
+Date:   Wed Oct 10 17:36:52 2012 -0400
 
-    lp1028514: fix syntax-o in PL/PERLU version of maintain_901()
-    
-    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
-    Signed-off-by: Dan Scott <dscott at laurentian.ca>
+    Make it possible to suppress IDL fields
     
-    Conflicts:
-    	Open-ILS/src/sql/Pg/002.schema.config.sql
-
-2	2	Open-ILS/src/sql/Pg/002.functions.config.sql
-1	1	Open-ILS/src/sql/Pg/002.schema.config.sql
-105	0	Open-ILS/src/sql/Pg/upgrade/0725.schema.fix_maintain_901_regex.sql
- create mode 100644 Open-ILS/src/sql/Pg/upgrade/0725.schema.fix_maintain_901_regex.sql
-
-commit e88114f055088b634efd8f0aa3795b71176b1f9a
-Author: Dan Scott <dscott at laurentian.ca>
-Date:   Tue Jul 24 14:14:01 2012 -0400
-
-    Switch to a PLPERLU maintain_901() trigger function
+    Some clients of external services, particularly pcrud and
+    reporter-store, need to be able to access tables that contain columns
+    we'd rather restrict.  For instance, the passwd field on actor.usr.
     
-    We've been burned by regexes that fail to grok XML properly numerous
-    times now. Standardizing on something that actually understands MARC
-    seems like a good idea.
+    To effect this feature we provide a blacklist attribute for fields,
+    called suppress_controller, which works in the same way as the class
+    controller attribute but names controllers not allowed to use the field.
+    When the field is explicitly named in a query (fieldmapper select block
+    or json_query) an error is thrown, and suppressed fields are ingored in
+    general fieldmapper search/retreive requests.
     
-    Signed-off-by: Dan Scott <dscott at laurentian.ca>
     Signed-off-by: Mike Rylander <mrylander at gmail.com>
-
-94	57	Open-ILS/src/sql/Pg/002.functions.config.sql
-97	66	Open-ILS/src/sql/Pg/upgrade/XXXX.schema.fix_maintain_901_regex.sql
-
-commit b6e19563b0cfb7da2bfb73d3199b86678e5188ab
-Author: Galen Charlton <gmc at esilibrary.com>
-Date:   Tue Jul 24 11:51:52 2012 -0400
-
-    lp1028514: fix regex replace in maintain_901()
-    
-    The regex used to insert the 901 field can put the new
-    field in the wrong location if the MARCXML record being
-    modified uses namespace prefixes.  This patch tightens
-    the regexp to avoid this problem.
-    
-    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
-    Signed-off-by: Dan Scott <dscott at laurentian.ca>
-
-4	4	Open-ILS/src/sql/Pg/002.functions.config.sql
-68	0	Open-ILS/src/sql/Pg/upgrade/XXXX.schema.fix_maintain_901_regex.sql
- create mode 100644 Open-ILS/src/sql/Pg/upgrade/XXXX.schema.fix_maintain_901_regex.sql
-
-commit 43dbf993a9a0a01c2a5a7948750accb2a2727541
-Author: Jason Etheridge <jason at esilibrary.com>
-Date:   Mon Jun 18 14:09:51 2012 -0400
-
-    patron name border color for Notes
-    
-    not Notes specifically, but this catches any non-alert non-blocking penalties
-    and prevents a colorless border from happening
-    
-    Colors chosen from mrpeters' patch at
-    https://bugs.launchpad.net/evergreen/+bug/921817
-    
-    Thanks!
-    
-    Signed-off-by: Jason Etheridge <jason at esilibrary.com>
-    Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
-    
-    Conflicts:
-    
-    	Open-ILS/xul/staff_client/server/skin/patron_display.css
-
-14	5	Open-ILS/xul/staff_client/server/skin/patron_display.css
-
-commit 1c31d5cab88fc70851e626b577b73c6e995a2c64
-Author: Bill Erickson <berick at esilibrary.com>
-Date:   Wed Nov 23 10:54:51 2011 -0500
-
-    Add constraint to ACQ PO state value
-    
-    Limit 'state' values to
-    
-    'new','pending','on-order','received','cancelled'
-    
-    https://bugs.launchpad.net/evergreen/+bug/893193
-    
     Signed-off-by: Bill Erickson <berick at esilibrary.com>
-    Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
-
-1	1	Open-ILS/src/sql/Pg/002.schema.config.sql
-2	1	Open-ILS/src/sql/Pg/200.schema.acq.sql
-10	0	Open-ILS/src/sql/Pg/upgrade/0722.schema.acq-po-state-constraint.sql
- create mode 100644 Open-ILS/src/sql/Pg/upgrade/0722.schema.acq-po-state-constraint.sql
-
-commit 192ab45b37d5a37187d37a253a420c3578adf570
-Author: Ben Shum <bshum at biblio.org>
-Date:   Wed Jun 27 14:01:24 2012 -0400
-
-    Move Prefix field ahead of Names in patron editor
-    
-    In earlier versions of Evergreen (1.6 and earlier), the Prefix field
-    was used to enter title information, such as Mr., Mrs., etc. When the
-    field was eventually added to the newer patron registration screens
-    (2.0+), it was added before the patron's last name field. Ideally,
-    the prefix should be listed prior to the patron's first name instead.
-    
-    In addition, address label issues by changing "Suffix/Title" back to
-    only "Suffix" and making "Prefix" into "Prefix/Title".
-    
-    Note: string changes would normally not be allowed in a stable release,
-    however in this case the previous translation (if any) will still get
-    pulled from the IDL for the field in question, so English will not
-    suddenly start showing up in the patron registration form.
-    
-    Signed-off-by: Ben Shum <bshum at biblio.org>
-    Signed-off-by: James Fournie <jfournie at sitka.bclibraries.ca>
     Signed-off-by: Dan Scott <dscott at laurentian.ca>
 
-2	2	Open-ILS/examples/fm_IDL.xml
-1	0	Open-ILS/web/templates/default/actor/user/register_table.tt2
+1	1	Open-ILS/examples/fm_IDL.xml
+1	0	Open-ILS/examples/fm_IDL.xsd
+7	0	Open-ILS/src/c-apps/oils_idl-core.c
+27	2	Open-ILS/src/c-apps/oils_sql.c
+3	0	Open-ILS/web/reports/xul/source-browse.js
+3	0	Open-ILS/web/reports/xul/source-setup.js
 
-commit c243355bec838c7914129ed12ebea3b6dac80371
-Author: Bill Erickson <berick at esilibrary.com>
-Date:   Mon Jul 16 16:56:10 2012 -0400
+commit 19d53bda570a3eeab65e6d88e4c963b40553986b
+Author: Thomas Berezansky <tsbere at mvlc.org>
+Date:   Tue Jun 19 12:23:09 2012 -0400
 
-    Squelch uninitialized var warning from hold_copy_targeter
-    
-    open-ils.storage_stderr.log was getting filled with entries like:
-    
-    "Use of uninitialized value in concatenation (.) or string at
-    /usr/local/share/perl/5.10.1/OpenILS/Application/Storage/Publisher/action.pm"
-    
-    ... consuming disk space endlessly. Stop that!
+    Can't use README for version, so use configure.ac
     
-    (Stealing Lebbeous' footwork and providing a slightly different solution.)
+    Because one good "this works for now" being broken can be replaced with
+    another one easily.
     
-    Signed-off-by: Bill Erickson <berick at esilibrary.com>
-    Signed-off-by: Ben Shum <bshum at biblio.org>
-    Signed-off-by: Dan Scott <dscott at laurentian.ca>
+    Signed-off-by: Thomas Berezansky <tsbere at mvlc.org>
+    Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
 
-1	1	Open-ILS/src/perlmods/lib/OpenILS/Application/Storage/Publisher/action.pm
+2	2	Open-ILS/xul/staff_client/Makefile.am

commit 61e5b66f22d21761e4851abea1b1eadff6081230
Author: Dan Scott <dscott at laurentian.ca>
Date:   Thu Nov 1 23:33:20 2012 -0400

    Bumping version numbers for 2.1.4
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS.pm b/Open-ILS/src/perlmods/lib/OpenILS.pm
index ead71e2..cbcf4ed 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS.pm
@@ -6,6 +6,6 @@ OpenILS - Client and server support for the Evergreen open source library system
 
 =cut
 
-our $VERSION = '2.00';
+our $VERSION = '2.14';
 
 1;
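Review bot: `$VERSION = '2.14'` encodes release 2.1.4 by dropping a dot, which is ambiguous and does not order correctly as a number: a later 2.1.10 written the same way would be '2.110', which compares lower than '2.14'. The old value was '2.00', so this string was not tracking the 2.1.x releases before this change. Either document the encoding next to the assignment or use a form that sorts correctly, and keep it in step with `ils_version` in Application.pm.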
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
index 8f31239..3abe09b 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
@@ -6,7 +6,7 @@ use base qw/OpenSRF::Application/;
 sub ils_version {
     # version format is "x-y-z", for example "2-0-0" for Evergreen 2.0.0
     # For branches, format is "x-y"
-    return "2-1-3";
+    return "2-1-4";
 }
 
 __PACKAGE__->register_method(
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index f017f70..61faf57 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -58,6 +58,7 @@ CREATE TABLE config.upgrade_log (
 );
 
 INSERT INTO config.upgrade_log (version) VALUES ('0726'); -- denials
+INSERT INTO config.upgrade_log (version) VALUES ('2.1.4');
 INSERT INTO config.upgrade_log (version) VALUES ('2.1.3');
 
 CREATE TABLE config.bib_source (
diff --git a/Open-ILS/xul/staff_client/chrome/content/main/about.html b/Open-ILS/xul/staff_client/chrome/content/main/about.html
index c0f3220..11e9919 100644
--- a/Open-ILS/xul/staff_client/chrome/content/main/about.html
+++ b/Open-ILS/xul/staff_client/chrome/content/main/about.html
@@ -1,7 +1,7 @@
 <html><head><script></script></head><body onload="var x = document.getElementById('version'); var version ='/xul/server/'.split(/\//)[2]; if (version == 'server') { version = 'versionless debug build'; } x.appendChild(document.createTextNode(version));">
 <h1 style="text-decoration: underline">Evergreen</h1>
 <p>Target Server ID: <span id="version"></span></p>
-<p>http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_1_3</p>
+<p>http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_1_4</p>
 <h2>What is Evergreen?</h2>
 <blockquote>
 <p>
diff --git a/Open-ILS/xul/staff_client/defaults/preferences/prefs.js b/Open-ILS/xul/staff_client/defaults/preferences/prefs.js
index 75bb971..fac1158 100644
--- a/Open-ILS/xul/staff_client/defaults/preferences/prefs.js
+++ b/Open-ILS/xul/staff_client/defaults/preferences/prefs.js
@@ -11,7 +11,7 @@ pref("toolkit.singletonWindowType", "eg_main");
 pref("open-ils.enable_join_tabs", true);
 
 // We'll use this one to help brand some build information into the client, and rely on subversion keywords
-pref("open-ils.repository.headURL","http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_1_3");
+pref("open-ils.repository.headURL","http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_1_4");
 pref("open-ils.repository.author","$Author$");
 pref("open-ils.repository.revision","$Revision$");
 pref("open-ils.repository.date","$Date$");
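Review bot: the context comment above the changed line says the build information relies on Subversion keywords, but the repository URL is a Git one and Git does not expand `$Author$`, `$Revision$` or `$Date$`, so those three prefs ship as literal placeholders. Since `open-ils.repository.headURL` is already edited by hand for each release, either set the others the same way at release time or remove them, and update the comment to match.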
diff --git a/README b/README
index 0b89a3e..6102154 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
-README for Evergreen 2.1.3a
-===========================
+README for Evergreen 2.1.4
+==========================
 
 Preamble: referenced user accounts
 ----------------------------------
@@ -38,8 +38,8 @@ the following commands as the *user* Linux account:
 
 [source, bash]
 ------------------------------------------------------------------------------
-wget -c http://evergreen-ils.org/downloads/Evergreen-ILS-2.1.3a.tar.gz
-tar xzf Evergreen-ILS-2.1.3a.tar.gz
+wget -c http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.1.4.tar.gz
+tar xzf previews/Evergreen-ILS-2.1.4.tar.gz
 ------------------------------------------------------------------------------
 
 Preamble: Developer instructions
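Review bot: the two added commands do not agree with each other. `wget -c http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.1.4.tar.gz` saves the file as `Evergreen-ILS-2.1.4.tar.gz` in the current directory, so `tar xzf previews/Evergreen-ILS-2.1.4.tar.gz` fails unless a local `previews/` directory already holds the tarball. Drop the `previews/` prefix from the tar line, and confirm that a release README should point at the `previews` download path at all. Because the tarball is fetched over plain HTTP, a published checksum or signature to verify before unpacking would also belong in this step.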
@@ -172,7 +172,7 @@ Installation instructions
 +
 [source, bash]
 ------------------------------------------------------------------------------
-make STAFF_CLIENT_STAMP_ID=rel_2_1_3 install
+make STAFF_CLIENT_STAMP_ID=rel_2_1_4 install
 ------------------------------------------------------------------------------
 +
 2. The server portion of the staff client expects `http://hostname/xul/server`
diff --git a/configure.ac b/configure.ac
index 565a94b..aa1a841 100644
--- a/configure.ac
+++ b/configure.ac
@@ -20,8 +20,8 @@
 
 export PATH=${PATH}:/usr/sbin
 AC_PREREQ(2.61)
-AC_INIT(Open-ILS, 2.1.3, open-ils-dev at list.georgialibraries.org)
-AM_INIT_AUTOMAKE([OpenILS], [2.1.3])
+AC_INIT(Open-ILS, 2.1.4, open-ils-dev at list.georgialibraries.org)
+AM_INIT_AUTOMAKE([OpenILS], [2.1.4])
 AC_REVISION($Revision: 0.1 $)
 AC_CONFIG_SRCDIR([configure.ac])
 AC_PREFIX_DEFAULT([/openils/])

commit 0608ae73a9c55993d4c32d277420704e9e515b6d
Author: Dan Scott <dscott at laurentian.ca>
Date:   Wed Jan 16 15:18:27 2013 -0500

    Revert security fixes that did not pull in previous changes
    
    The 2.1.5 tarball contained many other commits in between 2.1.3a and
    2.1.5, so the rel_2_1 branch didn't reflect what was in the tarball.
    Revert, so that we can push tags/rel_2_1_5 to rel_2_1 and have an
    accurate reflection of the release tarball and current state of the
    release.
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>

diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index d611439..2f19ddb 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -143,8 +143,6 @@ static int perm_at_threshold = 5;
 static int enforce_pcrud = 0;     // Boolean
 static char* modulename = NULL;
 
-static char* _sanitize_savepoint_name( const char* sp );
-
 /**
 	@brief Connect to the database.
 	@return A database connection if successful, or NULL if not.
@@ -875,15 +873,7 @@ int setSavepoint( osrfMethodContext* ctx ) {
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
 
-	if (!spName) {
-		osrfLogWarning(OSRF_LOG_MARK, "savepoint.set called with no name");
-		return -1;
-	}
-
-	char *safeSpName = _sanitize_savepoint_name( spName );
-
-	dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", safeSpName );
-	free( safeSpName );
+	dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", spName );
 	if( !result ) {
 		const char* msg;
 		int errnum = dbi_conn_error( writehandle, &msg );
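Review bot: after this hunk `spName` goes from `ctx->params` straight into `dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", spName )` with neither the NULL check nor the sanitising step, so a missing parameter reaches `%s` as NULL and a name containing a double quote ends the quoted identifier early. The commit message describes the revert as a step toward pushing tags/rel_2_1_5 to rel_2_1; it would be safer to push the revert and the tag together so that no published state of the branch lacks the check, or at least to keep the `if (!spName)` guard in the reverted code. The same applies to the `releaseSavepoint` and `rollbackSavepoint` hunks that follow.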
@@ -954,15 +944,7 @@ int releaseSavepoint( osrfMethodContext* ctx ) {
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
 
-	if (!spName) {
-		osrfLogWarning(OSRF_LOG_MARK, "savepoint.release called with no name");
-		return -1;
-	}
-
-	char *safeSpName = _sanitize_savepoint_name( spName );
-
-	dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName );
-	free( safeSpName );
+	dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", spName );
 	if( !result ) {
 		const char* msg;
 		int errnum = dbi_conn_error( writehandle, &msg );
@@ -1033,15 +1015,7 @@ int rollbackSavepoint( osrfMethodContext* ctx ) {
 	// Get the savepoint name from the method params
 	const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
 
-	if (!spName) {
-		osrfLogWarning(OSRF_LOG_MARK, "savepoint.rollback called with no name");
-		return -1;
-	}
-
-	char *safeSpName = _sanitize_savepoint_name( spName );
-
-	dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName );
-	free( safeSpName );
+	dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", spName );
 	if( !result ) {
 		const char* msg;
 		int errnum = dbi_conn_error( writehandle, &msg );
@@ -7048,44 +7022,4 @@ static void clear_query_stack( void ) {
 		pop_query_frame();
 }
 
-/**
-	@brief Remove all but safe character from savepoint name
-	@param sp User-supplied savepoint name
-	@return sanitized savepoint name, or NULL
-
-    The caller is expected to free the returned string.  Note that
-    this function exists only because we can't use PQescapeLiteral
-    without either forking libdbi or abandoning it.
-*/
-static char* _sanitize_savepoint_name( const char* sp ) {
-
-	const char* safe_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345789_";
-
-	// PostgreSQL uses NAMEDATALEN-1 as a max length for identifiers,
-	// and the default value of NAMEDATALEN is 64; that should be long enough
-	// for our purposes, and it's unlikely that anyone is going to recompile
-	// PostgreSQL to have a smaller value, so cap the identifier name
-	// accordingly to avoid the remote chance that someone manages to pass in a
-	// 12GB savepoint name
-	const int MAX_LITERAL_NAMELEN = 63;
-	int len = 0;
-	len = strlen( sp );
-	if (len > MAX_LITERAL_NAMELEN) {
-		len = MAX_LITERAL_NAMELEN;
-	}
-
-	char* safeSpName = safe_malloc( len + 1 );
-	int i = 0;
-	int j;
-	char* found;
-	for (j = 0; j < len; j++) {
-	found = strchr(safe_chars, sp[j]);
-		if (found) {
-			safeSpName[ i++ ] = found[0];
-		}
-	}
-	safeSpName[ i ] = '\0';
-	return safeSpName;
-}
-
 /*@}*/
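Review bot: in the removed `_sanitize_savepoint_name`, `safe_chars` ends in "012345789_", which omits the digit 6, so if this helper is reinstated it should list all ten digits. Because disallowed characters are silently dropped rather than rejected, two distinct names (for example `sp6` and `sp`) map to the same savepoint; returning an error for any name with a character outside the allowed set would be more predictable. The doc comment also says the function may return NULL, but no path does, and `sp` is passed to `strlen` without a NULL check, so the helper depends entirely on the callers' guard.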

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                          |  272 +++++---------------
 Open-ILS/src/perlmods/lib/OpenILS.pm               |    2 +-
 Open-ILS/src/perlmods/lib/OpenILS/Application.pm   |    2 +-
 Open-ILS/src/sql/Pg/002.schema.config.sql          |    2 +-
 .../staff_client/chrome/content/main/about.html    |    2 +-
 .../xul/staff_client/defaults/preferences/prefs.js |    2 +-
 Open-ILS/xul/staff_client/windowssetup.nsi         |    4 +-
 README                                             |   10 +-
 RELEASE_NOTES.txt                                  |   35 +++
 configure.ac                                       |    4 +-
 10 files changed, 113 insertions(+), 222 deletions(-)


hooks/post-receive
-- 
Evergreen ILS

