From 5d882f78aed1fb24e3d3a7a83c9a6b8e50bd99fc Mon Sep 17 00:00:00 2001 From: Barry Lind Date: Tue, 22 Jul 2003 05:13:05 +0000 Subject: Fix to prevent SQL injection attacks when calling setObject(int,Object,int) where the Object is a String and the type is numeric (i.e. INTEGER,LONG,etc). The fix applies the standard escaping for these values. Modified Files: Tag: REL7_3_STABLE jdbc/org/postgresql/Driver.java.in jdbc/org/postgresql/jdbc1/AbstractJdbc1Statement.java --- src/interfaces/jdbc/org/postgresql/Driver.java.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/interfaces/jdbc/org/postgresql/Driver.java.in') diff --git a/src/interfaces/jdbc/org/postgresql/Driver.java.in b/src/interfaces/jdbc/org/postgresql/Driver.java.in index 4d27f3da573..164c1d056b4 100644 --- a/src/interfaces/jdbc/org/postgresql/Driver.java.in +++ b/src/interfaces/jdbc/org/postgresql/Driver.java.in @@ -446,6 +446,6 @@ public class Driver implements java.sql.Driver } //The build number should be incremented for every new build - private static int m_buildNumber = 110; + private static int m_buildNumber = 111; } -- cgit v1.2.3