From: Phil Mayers <p.mayers@imperial.ac.uk>
Date: Fri, 21 Sep 2012 16:57:42 +0000 (+0100)
Subject: rlm_sql_log: use escape function argument to make safe-characters per-instance rather... 
X-Git-Tag: release_3_0_0_beta1~1662^2~1^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b0452541f9479257f5d4cebb18f843eb1a3c100;p=thirdparty%2Ffreeradius-server.git

rlm_sql_log: use escape function argument to make safe-characters per-instance rather than global
---

diff --git a/src/modules/rlm_sql_log/rlm_sql_log.c b/src/modules/rlm_sql_log/rlm_sql_log.c
index d35a8a6f46d..12ca7ad827c 100644
--- a/src/modules/rlm_sql_log/rlm_sql_log.c
+++ b/src/modules/rlm_sql_log/rlm_sql_log.c
@@ -72,7 +72,6 @@ static const CONF_PARSER module_config[] = {
 	{ NULL, -1, 0, NULL, NULL }	/* end the list */
 };
 
-static char *allowed_chars = NULL;
 
 /*
  *	Do any per-module initialization that is separate to each
@@ -108,7 +107,6 @@ static int sql_log_instantiate(CONF_SECTION *conf, void **instance)
 	}
 
 	inst->conf_section = conf;
-	allowed_chars = inst->allowed_chars;
 	*instance = inst;
 	return 0;
 }
@@ -143,7 +141,6 @@ static int sql_log_detach(void *instance)
 		free(*p);
 		*p = NULL;
 	}
-	allowed_chars = NULL;
 	free(inst);
 	return 0;
 }
@@ -151,8 +148,9 @@ static int sql_log_detach(void *instance)
 /*
  *	Translate the SQL queries.
  */
-static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen, const char *in, UNUSED void *arg)
+static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen, const char *in, void *arg)
 {
+	rlm_sql_log_t	*inst = (rlm_sql_log_t *)arg;
 	int len = 0;
 
 	while (in[0]) {
@@ -161,7 +159,7 @@ static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen,
 		 *	mime-encoded equivalents.
 		 */
 		if ((in[0] < 32) ||
-		    strchr(allowed_chars, *in) == NULL) {
+		    strchr(inst->allowed_chars, *in) == NULL) {
 			/*
 			 *	Only 3 or less bytes available.
 			 */
@@ -197,8 +195,9 @@ static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen,
 	return len;
 }
 
-static size_t sql_utf8_escape_func(UNUSED REQUEST *request, char *out, size_t outlen, const char *in, UNUSED void *arg)
+static size_t sql_utf8_escape_func(UNUSED REQUEST *request, char *out, size_t outlen, const char *in, void *arg)
 {
+	rlm_sql_log_t	*inst = (rlm_sql_log_t *)arg;
 	size_t len = 0;
 	size_t utf8 = 0;
 
@@ -226,7 +225,7 @@ static size_t sql_utf8_escape_func(UNUSED REQUEST *request, char *out, size_t ou
 		 *	mime-encoded equivalents.
 		 */
 		if ((in[0] < 32) ||
-		    strchr(allowed_chars, *in) == NULL) {
+		    strchr(inst->allowed_chars, *in) == NULL) {
 			/*
 			 *	Only 3 or less bytes available.
 			 */
@@ -324,7 +323,7 @@ static int sql_xlat_query(rlm_sql_log_t *inst, REQUEST *request, const char *que
 	/* Expand variables in the query */
 	xlat_query[0] = '\0';
 	radius_xlat(xlat_query, len, query, request,
-		    inst->utf8 ? sql_utf8_escape_func : sql_escape_func, NULL);
+		    inst->utf8 ? sql_utf8_escape_func : sql_escape_func, inst);
 	if (xlat_query[0] == '\0') {
 		radlog_request(L_ERR, 0, request, "Couldn't xlat the query %s",
 		       query);