Date: Tue, 27 Apr 2021 13:49:48 GMT From: =?utf-8?B?RmVybmFuZG8gQXBlc3RlZ3XDrWE=?= <fernape@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: f9372d01e096 - main - www/hiawatha : Fix run errors on 13 Message-ID: <202104271349.13RDnmEe081762@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by fernape: URL: https://cgit.FreeBSD.org/ports/commit/?id=f9372d01e096cb391b3ebc5cd69d7bebd640b5e9 commit f9372d01e096cb391b3ebc5cd69d7bebd640b5e9 Author: Fernando ApesteguĂa <fernape@FreeBSD.org> AuthorDate: 2021-04-27 07:17:30 +0000 Commit: Fernando ApesteguĂa <fernape@FreeBSD.org> CommitDate: 2021-04-27 13:45:53 +0000 www/hiawatha : Fix run errors on 13 Change regular expressions to POSIX-style. References: https://lists.freebsd.org/pipermail/freebsd-hackers/2021-April/057275.html PR: 255182 Reported by: ascilia@free.fr --- www/hiawatha/files/patch-src_session.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/www/hiawatha/files/patch-src_session.c b/www/hiawatha/files/patch-src_session.c new file mode 100644 index 000000000000..f095434683f9 --- /dev/null +++ b/www/hiawatha/files/patch-src_session.c @@ -0,0 +1,27 @@ +--- src/session.c.orig 2021-04-27 07:15:50 UTC ++++ src/session.c +@@ -33,15 +33,15 @@ + static const struct { + const char *text; + } sqli_detection[] = { +- {"'\\s*(;\\s*)?--(\\s|')"}, +- {"\\s+(and|or|xor|&&|\\|\\|)\\s*\\(?\\s*('|[0-9]|`?[a-z\\._-]+`?\\s*(=|like)|[a-z]+\\s*\\()"}, +- {"\\s+(not\\s+)?in\\s*\\(\\s*['0-9]"}, +- {"union(\\s+all)?(\\s*\\(\\s*|\\s+)select(`|\\s)"}, +- {"select(\\s*`|\\s+)(\\*|[a-z0-9_\\, ]*)(`\\s*|\\s+)from(\\s*`|\\s+)[a-z0-9_\\.]*"}, +- {"insert\\s+into(\\s*`|\\s+).*(`\\s*|\\s+)(values\\s*)?\\(.*\\)"}, +- {"update(\\s*`|\\s+)[a-z0-9_\\.]*(`\\s*|\\s+)set(\\s*`|\\s+).*="}, +- {"delete\\s+from(\\s*`|\\s+)[a-z0-9_\\.]*`?"}, +- {"extractvalue\\s*\\(\\s*[0-9'\"@]"}, ++ {"'[[:space:]]*(;[[:space:]]*)?--([[:space:]]|')"}, ++ {"[[:space:]]+(and|or|xor|&&|\\|\\|)[[:space:]]*\\(?[[:space:]]*('|[0-9]|`?[a-z\\._-]+`?[[:space:]]*(=|like)|[a-z]+[[:space:]]*\\()"}, ++ {"[[:space:]]+(not[[:space:]]+)?in[[:space:]]*\\([[:space:]]*['0-9]"}, ++ {"union([[:space:]]+all)?([[:space:]]*\\([[:space:]]*|[[:space:]]+)select(`|[[:space:]])"}, ++ {"select([[:space:]]*`|[[:space:]]+)(\\*|[a-z0-9_\\, ]*)(`[[:space:]]*|[[:space:]]+)from([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*"}, ++ {"insert[[:space:]]+into([[:space:]]*`|[[:space:]]+).*(`[[:space:]]*|[[:space:]]+)(values[[:space:]]*)?\\(.*\\)"}, ++ {"update([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*(`[[:space:]]*|[[:space:]]+)set([[:space:]]*`|[[:space:]]+).*="}, ++ {"delete[[:space:]]+from([[:space:]]*`|[[:space:]]+)[a-z0-9_\\.]*`?"}, ++ {"extractvalue[[:space:]]*\\([[:space:]]*[0-9'\"@]"}, + {NULL} + }; +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202104271349.13RDnmEe081762>