From: Nick Porter <nick@portercomputing.co.uk>
Date: Wed, 17 Jul 2024 07:27:57 +0000 (+0100)
Subject: No need to escape boxes containing inherently safe data
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d39b486cd7a9453e600e61fc50d092ee21a0738e;p=thirdparty%2Ffreeradius-server.git

No need to escape boxes containing inherently safe data
---

diff --git a/src/modules/rlm_sql/rlm_sql.c b/src/modules/rlm_sql/rlm_sql.c
index 2a90e928017..587dad25011 100644
--- a/src/modules/rlm_sql/rlm_sql.c
+++ b/src/modules/rlm_sql/rlm_sql.c
@@ -348,6 +348,20 @@ static int CC_HINT(nonnull(2,3)) sql_xlat_escape(request_t *request, fr_value_bo
 	 */
 	if (fr_value_box_is_safe_for(vb, inst->driver)) return 0;
 
+	/*
+	 *	No need to escape types with inherently safe data
+	 */
+	switch (vb->type) {
+	case FR_TYPE_NUMERIC:
+	case FR_TYPE_IP:
+	case FR_TYPE_ETHERNET:
+		fr_value_box_mark_safe_for(vb, inst->driver);
+		return 0;
+
+	default:
+		break;
+	}
+
 	if (inst->sql_escape_arg) {
 		arg = inst->sql_escape_arg;
 	} else if (thread->sql_escape_arg) {