metin-server/m2dev-server-src
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

game: make log escaping safe before SQL connect
Some checks failed
build / Linux asan (push) Has been cancelled
Details
build / Linux release (push) Has been cancelled
Details
build / FreeBSD build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
server
2026-04-14 16:43:52 +02:00
parent f4f2692ce3
commit 52278ce6f2
1 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/game/log.cpp
View File

@@ -45,6 +45,33 @@ std::string LogManager::EscapeForQuery(const char* text)
return {}; return {};
const size_t text_length = strlen(text); const size_t text_length = strlen(text);
auto append_escaped_char = [](std::string& out, char ch)
{
switch (ch)
{
case '\0': out += "\\0"; break;
case '\n': out += "\\n"; break;
case '\r': out += "\\r"; break;
case '\\': out += "\\\\"; break;
case '\'': out += "\\'"; break;
case '"': out += "\\\""; break;
case '\b': out += "\\b"; break;
case '\t': out += "\\t"; break;
case '\032': out += "\\Z"; break;
default: out.push_back(ch); break;
}
};
if (!m_bIsConnect)
{
std::string escaped;
escaped.reserve(text_length * 2);
for (size_t i = 0; i < text_length; ++i)
append_escaped_char(escaped, text[i]);
return escaped;
}
std::string escaped(text_length * 2 + 1, '\0'); std::string escaped(text_length * 2 + 1, '\0');
const size_t escaped_length = m_sql.EscapeString(escaped.data(), escaped.size(), text, text_length); const size_t escaped_length = m_sql.EscapeString(escaped.data(), escaped.size(), text, text_length);
escaped.resize(escaped_length); escaped.resize(escaped_length);