8000 Docs: sqlite3 injection attack example is not an example of an SQL injection attack · Issue #96250 · python/cpython · GitHub
[go: up one dir, main page]
Skip to content

Docs: sqlite3 injection attack example is not an example of an SQL injection attack #96250

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
erlend-aasland opened this issue Aug 24, 2022 · 0 comments
Closed

Docs: sqlite3 injection attack example is not an example of an SQL injection attack #96250

erlend-aasland opened this issue Aug 24, 2022 · 0 comments
Assignees
@erlend-aasland
Labels
docs Documentation in the Doc dir topic-sqlite3 type-feature A feature request or enhancement

Comments

@erlend-aasland
Copy link
Contributor
erlend-aasland commented Aug 24, 2022
edited by bedevere-bot
Loading

The SQL injection attack example in the sqlite3 docs takes no user input, hence it is not susceptible to an injection attack and serves badly as an example.

Also, it does not mention injection attacks that exploit the load_extension SQL API.
@erlend-aasland erlend-aasland added type-feature A feature request or enhancement docs Documentation in the Doc dir topic-sqlite3 labels Aug 24, 2022
@erlend-aasland erlend-aasland self-assigned this Aug 24, 2022
@erlend-aasland erlend-aasland moved this to In Progress in sqlite3 issues Aug 24, 2022
@bedevere-bot bedevere-bot mentioned this issue Nov 9, 2022
Merged
This was referenced Dec 8, 2022
Merged
Merged
erlend-aasland added a commit that referenced this issue Dec 8, 2022
@jiajunjie @CAM-Gerlach @erlend-aasland
gh-96250: Improve sqlite3 injection attack example (#99270)
41d4ac9 
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Dec 8, 2022
@jiajunjie @CAM-Gerlach
@erlend-aasland @miss-islington
pythongh-96250: Improve sqlite3 injection attack example (pythonGH-99270
d473e77 
)

(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Dec 8, 2022
@jiajunjie @CAM-Gerlach
@erlend-aasland @miss-islington
pythongh-96250: Improve sqlite3 injection attack example (pythonGH-99270
2507938 
)

(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington added a commit that referenced this issue Dec 8, 2022
@miss-islington @jiajunjie
@CAM-Gerlach @erlend-aasland
gh-96250: Improve sqlite3 injection attack example (GH-99270)
8ef6045 
(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington added a commit that referenced this issue Dec 8, 2022
@miss-islington @jiajunjie
@CAM-Gerlach @erlend-aasland
gh-96250: Improve sqlite3 injection attack example (GH-99270)
ecb16d5 
(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Repository owner moved this from In Progress to Done in sqlite3 issues Dec 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@erlend-aasland erlend-aasland

Labels
docs Documentation in the Doc dir topic-sqlite3 type-feature A feature request or enhancement
Projects
sqlite3 issues
Status: Done
Milestone
No milestone
Development

No branches or pull requests
1 participant
@erlend-aasland
0