From 842d1a6d7ab1fe62c6e9bce6d776b0d73dab0e23 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Wed, 30 Jun 2010 11:58:28 +0200 Subject: abrt_rh_support: improve error messages a bit more. Also, allow " in saved messages. Signed-off-by: Denys Vlasenko --- lib/Plugins/SQLite3.cpp | 4 ++-- lib/Utils/abrt_rh_support.cpp | 4 +--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/lib/Plugins/SQLite3.cpp b/lib/Plugins/SQLite3.cpp index 74d2dcdb..499346f4 100644 --- a/lib/Plugins/SQLite3.cpp +++ b/lib/Plugins/SQLite3.cpp @@ -52,7 +52,7 @@ static bool is_string_safe(const char *str) // it does not unescape escaped ones - I see lines ending with \ when I do it. // I wonder whether this is a bug in SQLite, and whether using unescaped // newlines is a danger with other SQL servers. -// For now, I disabled newline escaping... +// For now, I disabled newline escaping, and also allowed double quote. const char *p = str; while (*p) { @@ -63,7 +63,7 @@ static bool is_string_safe(const char *str) // continue; // } if ((c < ' ' && c != '\n') - || strchr("\\\"\'", c) + || strchr("\\\'", c) //was: "\\\"\'" ) { error_msg("Probable SQL injection: '%s'", str); return false; diff --git a/lib/Utils/abrt_rh_support.cpp b/lib/Utils/abrt_rh_support.cpp index d8216964..a162a437 100644 --- a/lib/Utils/abrt_rh_support.cpp +++ b/lib/Utils/abrt_rh_support.cpp @@ -461,11 +461,9 @@ send_report_to_new_case(const char* baseURL, errmsg = find_header_in_abrt_post_state(atch_state, "Strata-Message:"); if (!errmsg || !errmsg[0]) errmsg = atch_state->curl_error_msg; - if ((!errmsg || !errmsg[0]) && atch_state->body && atch_state->body[0]) - errmsg = atch_state->body; if (atch_state->body && atch_state->body[0]) { - if (errmsg + if (errmsg && errmsg[0] && strcmp(errmsg, atch_state->body) != 0 ) /* both strata/curl error and body are present (and aren't the same) */ allocated = errmsg = xasprintf("%s. %s", -- cgit