File Fix-SQL-injection-vulnerability-in-db.remove-method.patch of Package opensnitch
See: https://github.com/evilsocket/opensnitch/pull/1555
Index: opensnitch-1.8.0/ui/opensnitch/database/__init__.py
===================================================================
--- opensnitch-1.8.0.orig/ui/opensnitch/database/__init__.py
+++ opensnitch-1.8.0/ui/opensnitch/database/__init__.py
@@ -424,14 +424,19 @@ class Database:
return None
- def remove(self, qstr):
+ def remove(self, qstr, args=None):
try:
- q = QSqlQuery(qstr, self.db)
- if q.exec():
- return True
- else:
- print("db, remove() ERROR: ", qstr)
- print(q.lastError().driverText())
+ with self._lock:
+ q = QSqlQuery(self.db)
+ q.prepare(qstr)
+ if args:
+ for arg in args:
+ q.addBindValue(arg)
+ if q.exec():
+ return True
+ else:
+ self.logger.error("db, remove() ERROR: %s", qstr)
+ self.logger.error("%s", q.lastError().driverText())
except Exception as e:
print("db, remove exception: ", e)
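Review bot: Neither the new `else` branch nor the unchanged `except` path returns a value, so unless the tail of `remove()` (outside the hunk) ends in `return False`, a failed delete yields `None`, which the new `is False` comparison in stats.py (third hunk) will not catch; adding `return False` after the second `self.logger.error(...)` line and at the end of the `except` block makes the contract explicit either way. The result of `q.prepare(qstr)` is discarded; `exec()` will fail afterward and still log `lastError()`, but checking it would attribute a malformed statement to prepare rather than to execution. The `except` branch still uses `print` while the new lines use `self.logger`; `self.logger.exception("db, remove exception: %s", e)` would keep failures in one place. `self._lock` is not visible in this hunk and is presumably an existing attribute on `Database`; confirm it is defined before any caller can reach `remove()`.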
Index: opensnitch-1.8.0/ui/opensnitch/dialogs/stats.py
===================================================================
--- opensnitch-1.8.0.orig/ui/opensnitch/dialogs/stats.py
+++ opensnitch-1.8.0/ui/opensnitch/dialogs/stats.py
@@ -1051,8 +1051,8 @@ class StatsDialog(QtWidgets.QDialog, uic
elif cur_idx == self.TAB_USERS:
field = "uid"
- ret1 = self._db.remove("DELETE FROM {0} WHERE what = '{1}'".format(table, value))
- ret2 = self._db.remove("DELETE FROM connections WHERE {0} = '{1}'".format(field, value))
+ ret1 = self._db.remove("DELETE FROM {0} WHERE what = ?".format(table), [value])
+ ret2 = self._db.remove("DELETE FROM connections WHERE {0} = ?".format(field), [value])
return ret1 and ret2
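Review bot: `table` and `field` are still interpolated with `.format()` on the two rewritten lines; SQL placeholders cannot bind identifiers, so this is only safe while both names come from the fixed per-tab mapping (`field = "uid"` is visible for the users tab; the `table` assignment is outside the hunk) and never from a widget or message. A comment on the first rewritten line, `# table/field are fixed per-tab identifiers; only the user-visible value is bound as a parameter`, would keep a later edit from routing user-controlled text through the same format call. The two `remove()` calls are not wrapped in one transaction, so `ret1 and ret2` can report failure after the first delete has already committed; presumably acceptable for a stats purge, but worth confirming. The enclosing method starts before the hunk.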
@@ -2281,7 +2281,7 @@ class StatsDialog(QtWidgets.QDialog, uic
return
addr = self.TABLES[self.TAB_NODES]['label'].text()
- if self._db.remove("DELETE FROM nodes WHERE addr = '{0}'".format(addr)) == False:
+ if self._db.remove("DELETE FROM nodes WHERE addr = ?", [addr]) is False:
Message.ok(
QC.translate("stats",
"<b>Error deleting node</b><br><br>",