Merge pull request #124 from client9/remotes/trunk

v3.1.0
2025-08-14 13:56:01 +03:00 · 2013-07-02 09:19:42 -07:00 · 2013-07-02 09:19:42 -07:00 · 229d4e4fe2
commit 229d4e4fe2
parent b1f61617b5 9eca8b5ca1
3 changed files with 34 additions and 8 deletions
--- a/apache2/libinjection/libinjection.h
+++ b/apache2/libinjection/libinjection.h
@ -19,7 +19,7 @@ extern "C" {
 * See python's normalized version
 * http://www.python.org/dev/peps/pep-0386/#normalizedversion
 */
-#define LIBINJECTION_VERSION "3.0.0"
+#define LIBINJECTION_VERSION "3.1.0"

 /**
 * Libinjection's sqli module makes a "normalized"
@ -227,21 +227,31 @@ void libinjection_sqli_reset(sfilter* sql_state, int flags);
 *
 * \param sql_state
 *
- * \return pointer to sfilter.pat as convience.
- *         do not free!
+ * \returns a pointer to sfilter.fingerprint as convenience
+ *          do not free!
 *
 */
 const char* libinjection_sqli_fingerprint(sfilter * sql_state, int flags);

-
+/**
+ * The default "word" to token-type or fingerprint function.  This
+ * uses a ASCII case-insensitive binary tree.
+ */
 char libinjection_sqli_lookup_word(sfilter *sql_state, int lookup_type,
                                   const char* s, size_t slen);

+/* Streaming tokenization interface.
+ *
+ * sql_state->current is updated with the current token.
+ *
+ * \returns 1, has a token, keep going, or 0 no tokens
+ *
+ */
 int  libinjection_sqli_tokenize(sfilter * sql_state);

 /** The built-in default function to match fingerprints
 *  and do false negative/positive analysis.  This calls the following
- *  two functions.  With this, you other-ride one part or the other.
+ *  two functions.  With this, you over-ride one part or the other.
 *
 *     return libinjection_sqli_blacklist(sql_state) &&
 *        libinject_sqli_not_whitelist(sql_state);
--- a/apache2/libinjection/libinjection_sqli.c
+++ b/apache2/libinjection/libinjection_sqli.c
@ -183,9 +183,10 @@ static int char_is_white(char ch) {
       '\v' 0x0b \013 verical tab
       '\f' 0x0c \014 new page
       '\r' 0x0d \015 carriage return
+            0x00 \000 null (oracle)
            0xa0 \240 is latin1
    */
-    return strchr(" \t\n\v\f\r\240", ch) != NULL;
+    return strchr(" \t\n\v\f\r\240\000", ch) != NULL;
 }

 /* DANGER DANGER
@ -875,7 +876,7 @@ static size_t parse_word(sfilter * sf)
    const char *cs = sf->s;
    size_t pos = sf->pos;
    size_t wlen = strlencspn(cs + pos, sf->slen - pos,
-                             " <>:\\?=@!#~+-*/&|^%(),';\t\n\v\f\r\"");
+                             " <>:\\?=@!#~+-*/&|^%(),';\t\n\v\f\r\"\000");

    st_assign(sf->current, TYPE_BAREWORD, pos, wlen, cs + pos);

@ -1128,6 +1129,15 @@ static size_t parse_number(sfilter * sf)
        }
    }

+    /* oracle's ending float or double suffix
+     * http://docs.oracle.com/cd/B19306_01/server.102/b14200/sql_elements003.htm#i139891
+     */
+    if (pos < slen) {
+        if (cs[pos] == 'd' || cs[pos] == 'D' || cs[pos] == 'f' || cs[pos] == 'F') {
+            pos += 1;
+        }
+    }
+
    st_assign(sf->current, TYPE_NUMBER, start, pos - start, cs + start);
    return pos;
 }
--- a/apache2/libinjection/libinjection_sqli_data.h
+++ b/apache2/libinjection/libinjection_sqli_data.h
@ -9686,6 +9686,7 @@ static const keyword_t sql_keywords[] = {
    {"FROM_DAYS", 'f'},
    {"FROM_UNIXTIME", 'f'},
    {"FULL OUTER", 'k'},
+    {"FULL OUTER JOIN", 'k'},
    {"FULLTEXT", 'k'},
    {"FULLTEXTCATALOGPROPERTY", 'f'},
    {"FULLTEXTSERVICEPROPERTY", 'f'},
@ -9741,6 +9742,7 @@ static const keyword_t sql_keywords[] = {
    {"INFILE", 'k'},
    {"INITCAP", 'f'},
    {"INNER", 'k'},
+    {"INNER JOIN", 'k'},
    {"INOUT", 'k'},
    {"INSENSITIVE", 'k'},
    {"INSERT", 'E'},
@ -9808,6 +9810,7 @@ static const keyword_t sql_keywords[] = {
    {"LEFT", 'n'},
    {"LEFT JOIN", 'k'},
    {"LEFT OUTER", 'k'},
+    {"LEFT OUTER JOIN", 'k'},
    {"LENGTH", 'f'},
    {"LIKE", 'o'},
    {"LIMIT", 'B'},
@ -9874,6 +9877,8 @@ static const keyword_t sql_keywords[] = {
    {"NATURAL INNER", 'k'},
    {"NATURAL JOIN", 'k'},
    {"NATURAL LEFT", 'k'},
+    {"NATURAL LEFT OUTER", 'k'},
+    {"NATURAL LEFT OUTER JOIN", 'k'},
    {"NATURAL OUTER", 'k'},
    {"NATURAL RIGHT", 'k'},
    {"NETMASK", 'f'},
@ -10029,6 +10034,7 @@ static const keyword_t sql_keywords[] = {
    {"RIGHT", 'n'},
    {"RIGHT JOIN", 'k'},
    {"RIGHT OUTER", 'k'},
+    {"RIGHT OUTER JOIN", 'k'},
    {"RLIKE", 'o'},
    {"ROUND", 'f'},
    {"ROW", 'f'},
@ -10317,5 +10323,5 @@ static const keyword_t sql_keywords[] = {
    {"||", '&'},
    {"~*", 'o'},
 };
-static const size_t sql_keywords_sz = 10150;
+static const size_t sql_keywords_sz = 10156;
 #endif