diff options
author | Harald Welte <laforge@gnumonks.org> | 2010-12-26 19:12:30 +0100 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2010-12-26 19:20:15 +0100 |
commit | 019d0167b6bf3fb757a1974e108016e45e9b5aaa (patch) | |
tree | 1474889aa5f8aa4085e6b9c1ca067f119dec4acc | |
parent | c728eeaf9b3fc71c9434e6ae3515d4ddc12e66d8 (diff) |
[db] Properly quote name and extension for SQL access
-rw-r--r-- | openbsc/src/db.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/openbsc/src/db.c b/openbsc/src/db.c index fd5dd8105..2051288c3 100644 --- a/openbsc/src/db.c +++ b/openbsc/src/db.c @@ -689,8 +689,13 @@ int db_sync_subscriber(struct gsm_subscriber *subscriber) { dbi_result result; char tmsi[14]; - char *q_tmsi; + char *q_tmsi, *q_name, *q_extension; + dbi_conn_quote_string_copy(conn, + subscriber->name, &q_name); + dbi_conn_quote_string_copy(conn, + subscriber->extension, &q_extension); + if (subscriber->tmsi != GSM_RESERVED_TMSI) { sprintf(tmsi, "%u", subscriber->tmsi); dbi_conn_quote_string_copy(conn, @@ -708,14 +713,16 @@ int db_sync_subscriber(struct gsm_subscriber *subscriber) "tmsi = %s, " "lac = %i " "WHERE imsi = %s ", - subscriber->name, - subscriber->extension, + q_name, + q_extension, subscriber->authorized, q_tmsi, subscriber->lac, subscriber->imsi); free(q_tmsi); + free(q_name); + free(q_extension); if (!result) { LOGP(DDB, LOGL_ERROR, "Failed to update Subscriber (by IMSI).\n"); |