Common vulnerabilities in Python: identifying SQL injection vulnerabilities in Python

I'm supposed to look at this code and decide which parts might be vulnerable to SQL injection and why they should be fixed. I've been scanning the code looking for places where the parameters are ambiguous, but I'm having trouble finding anything that might be vulnerable. It would be great if someone could glance over this code and point out any obvious vulnerabilities. The program does like to give an error message when the input is a single quote. This code is part of a program that tracks events. There are 3 input fields: username, password and event name. I can post more code if anyone would like.

```python
#!/usr/bin/python3.4

import readline
import sqlite3


def audit(handle, event, obj=None):
    """Log an audit event.

    handle is a (cursor, connection, userid) tuple.
    """
    if handle[2] is None:
        # handle is a tuple, so rebuild it instead of assigning into it
        handle = (handle[0], handle[1], -1)
    if obj is None:
        # userid and event are formatted straight into the statement text;
        # event is wrapped in single quotes, userid is not
        handle[0].execute("insert into auditlog(userid, event)"
                          " values({0}, '{1}')".format(handle[2], event))
    else:
        # same construction; obj is inserted without quotes
        handle[0].execute("insert into auditlog(userid, event, object)"
                          " values({0}, '{1}', {2})".format(str(handle[2]),
                                                            event, obj))
    if handle[0].lastrowid is None:
        # On error, commit what is there, close, and raise a SystemError
        handle[1].commit()
        handle[1].close()
        raise SystemError("Error creating audit log entry.",
                          handle[2], event, obj)
    handle[1].commit()


def register(cursor, connection, username, password):
    """Register a new user and return a connection to the database."""
    # username and password come from the input fields and are formatted
    # directly into the INSERT statement
    cursor.execute("insert into user(username, password)"
                   " values('{0}', '{1}')".format(username, password))
    userid = cursor.lastrowid
    if userid > 0:
        audit((cursor, connection, userid), "registered")
        connection.commit()
        print("Welcome, new user!")
        return (cursor, connection, userid)
    # If the user could not be registered, log it and raise a SystemError;
    # the username is formatted into the audit event text as well
    audit((cursor, connection, 0),
          "registration error for {0}".format(username))
    connection.commit()
    connection.close()
    raise SystemError("Unknown error registering user", username)


def connect(username, password):
    """Attempt to log in as the specified user."""
    connection = sqlite3.connect('timelog.db')
    cursor = connection.cursor()
    # The database is created if necessary.
    cursor.execute("create table if not exists user"
                   "( id integer primary key,"
                   " username varchar(50) unique not null,"
                   " password char(40) not null,"
                   " created datetime default CURRENT_TIMESTAMP,"
                   " modified datetime default CURRENT_TIMESTAMP"
                   ")")
    # (the posted excerpt ends here)
```
