Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Docs: sqlite3 injection attack example is not an example of an SQL injection attack #96250

Closed
erlend-aasland opened this issue Aug 24, 2022 · 0 comments
Assignees
Labels
docs Documentation in the Doc dir topic-sqlite3 type-feature A feature request or enhancement

Comments

@erlend-aasland
Copy link
Contributor

erlend-aasland commented Aug 24, 2022

The SQL injection attack example in the sqlite3 docs takes no user input, hence it is not susceptible to an injection attack and serves badly as an example.

Also, it does not mention injection attacks that exploit the load_extension SQL API.

@erlend-aasland erlend-aasland added type-feature A feature request or enhancement docs Documentation in the Doc dir topic-sqlite3 labels Aug 24, 2022
@erlend-aasland erlend-aasland self-assigned this Aug 24, 2022
erlend-aasland added a commit that referenced this issue Dec 8, 2022
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Dec 8, 2022
)

(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Dec 8, 2022
)

(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington added a commit that referenced this issue Dec 8, 2022
(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
miss-islington added a commit that referenced this issue Dec 8, 2022
(cherry picked from commit 41d4ac9)

Co-authored-by: Jia Junjie <62194633+jiajunjie@users.noreply.github.com>
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
docs Documentation in the Doc dir topic-sqlite3 type-feature A feature request or enhancement
Projects
Status: Done
Development

No branches or pull requests

1 participant