Re: Bug saving NUL character?

2008-02-16 Thread Alexandre Martani

Should I create a ticket on trac for this?

Alexandre Martani

On 11 Feb, 19:20, Robert Gravsjö <[EMAIL PROTECTED]> wrote:
> Patryk Zawadzki wrote:
>
> --- 8< ---
>
> > What kind of injection? It did not terminate the SQL query, just the
> > contents of one field. SQL termination in the middle of a quoted
> > string would result in a failed transaction. Also, AFAIR Django uses
> > prepared statements so there's no possibility to execute code from a
>
> Are you sure about this? Any reference (docs, code)? AFAICT django does
> not use prepared statements.
>
> Regards,
> /roppert
>
> > bound variable.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en
-~--~~~~--~~--~--~---



Re: Bug saving NUL character?

2008-02-09 Thread Alexandre Martani

On 7 Feb, 09:33, "Patryk Zawadzki" <[EMAIL PROTECTED]> wrote:
> On Feb 7, 2008 4:15 AM, Alexandre Martani <[EMAIL PROTECTED]> wrote:
>
> > Hi,
> > When I try to save a string containing a NUL character (\x00), only the
> > part before the character is saved. I have created a simple model:
>
> > class Test(models.Model):
> >     content = models.TextField()
>
> Text fields are not meant to store binary data. This might as well be
> the underlying RDBMS limitation.

Am I supposed to check every single form before saving to the
database? If so, there is at least a bug in newforms' CharField, as it
doesn't check it.

> > Since Python supports NUL characters in strings, Django should support
> > them too, or at least raise an error, or just drop it, but not lose
> > the whole end of the string.
>
> Have you confirmed that the SQL generated by Django does not contain
> the null character?

I don't know how to do it, and I don't think so. I tried to do the
same with MySQL, and it doesn't happen. But Django should generate
custom SQL for the database, i.e., a query that *works* with the
database.

> > Also, it is possible to send a NUL
> > character through GET or POST, so I think this bug could lead to a SQL
> > Injection.
>
> What kind of injection? It did not terminate the SQL query, just the
> contents of one field. SQL termination in the middle of a quoted
> string would result in a failed transaction. Also, AFAIR Django uses
> prepared statements so there's no possibility to execute code from a
> bound variable.

Ok, forget it.

Alexandre Martani



Bug saving NUL character?

2008-02-06 Thread Alexandre Martani

Hi,
When I try to save a string containing a NUL character (\x00), only the
part before the character is saved. I have created a simple model:

class Test(models.Model):
    content = models.TextField()

And this happens:

>>> from mysite.test.models import Test
>>> test = Test(content="blabla\x00blablabla")
>>> test.content
'blabla\x00blablabla'
>>> test.save()
>>> test.pk
1
>>> Test.objects.get(pk=1).content
u'blabla'
>>> test.content
'blabla\x00blablabla'

The end of the string is simply lost, no errors are raised, nothing.
Since Python supports NUL characters in strings, Django should support
them too, or at least raise an error, or just drop it, but not lose
the whole end of the string. Also, it is possible to send a NUL
character through GET or POST, so I think this bug could lead to a SQL
Injection.
This happens on Django 0.96.1 and SVN, using a SQLite database.

Alexandre Martani
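The failure mode described in this post is silent truncation: a NUL byte that arrives via GET or POST reaches the database layer and everything after it is lost with no error. The practical defence is to reject NUL bytes at the input boundary and to audit the write path so truncation cannot go unnoticed. The following is an added example written for this thread, not code from the post or from Django: it uses only the standard library, the function names (`prohibit_null_characters`, `find_nul_fields`, `roundtrip_text`) are my own, and `SAMPLE_INPUT` is a constructed value that mirrors the string in the shell session above.

```python
import sqlite3

# Constructed sample, modelled on the string used in the post above.
SAMPLE_INPUT = "blabla\x00blablabla"


def prohibit_null_characters(value):
    """Reject any text value containing a NUL (\\x00) byte.

    Raising here turns a silent truncation into an explicit, loggable
    validation failure before the value reaches the ORM or the database.
    Assumption: callers treat ValueError as "input rejected".
    """
    if "\x00" in value:
        raise ValueError("Null characters are not allowed.")
    return value


def find_nul_fields(data):
    """Return the sorted names of fields whose value(s) contain a NUL byte.

    `data` is a dict shaped like parsed GET/POST data: values are either a
    string or a list of strings (multi-valued fields). Useful as an audit
    hook on incoming requests so offending fields can be logged.
    """
    hits = []
    for name, value in data.items():
        values = value if isinstance(value, list) else [value]
        if any(isinstance(v, str) and "\x00" in v for v in values):
            hits.append(name)
    return sorted(hits)


def roundtrip_text(value):
    """Write `value` into a TEXT column of an in-memory SQLite table with a
    bound parameter, read it back, and report whether it survived intact.

    This is the check that would have exposed the bug in the post: compare
    what was stored with what was sent instead of trusting that save()
    succeeded. Whether `intact` is True depends on the sqlite3 driver and
    SQLite version in use, so the result is reported rather than assumed.
    """
    conn = sqlite3.connect(":memory:")
    try:
        conn.execute("CREATE TABLE test (id INTEGER PRIMARY KEY, content TEXT)")
        conn.execute("INSERT INTO test (content) VALUES (?)", (value,))
        stored = conn.execute("SELECT content FROM test").fetchone()[0]
    finally:
        conn.close()
    return {"original": value, "stored": stored, "intact": stored == value}


if __name__ == "__main__":
    print("fields with NUL:", find_nul_fields({"content": SAMPLE_INPUT, "title": "ok"}))
    print("round trip:", roundtrip_text(SAMPLE_INPUT))
    try:
        prohibit_null_characters(SAMPLE_INPUT)
    except ValueError as exc:
        print("rejected:", exc)
```

The first function is the same idea Django itself later shipped as `django.core.validators.ProhibitNullCharactersValidator` (added in Django 2.0 and applied to form CharFields by default); on an older Django like the 0.96 discussed here, an equivalent check has to be attached to the form or run in the view. The round-trip function is a regression test rather than production code: run it once against the actual backend and driver to learn whether NUL bytes are preserved, rejected or truncated there.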