Bag Of Chocolate Coated Rasins – Warning – May Contain SQL | James McParlane's Blog

James McParlane's Blog

More fun than a room full of nuns with Tourette's syndrome

Skip to content

Home

← Comet McNaught And Glebe Island Bridge

In the year 2007 I resolve to…. →

Bag Of Chocolate Coated Rasins – Warning – May Contain SQL

Posted on January 22, 2007 by James McParlane

Source – The Daily WTF

Share this:

Facebook
X

Like Loading...

Related

About James McParlane

CTO Massive Interactive. Ex Computer Whiz Kid - Now Grumpy Old Guru.

View all posts by James McParlane →

This entry was posted in Coolhunting, Just Kidding. Bookmark the permalink.

← Comet McNaught And Glebe Island Bridge

In the year 2007 I resolve to…. →

1 Response to Bag Of Chocolate Coated Rasins – Warning – May Contain SQL

emerson says:

January 30, 2007 at 12:38 am

Hmmm… This exactly the kindof reason why i just spent a day finding a reliable way of sanitising printf style format strings in my sql library.

First you parse the format string, identify all the arguments, then call your vsnprintf with chunks of the format string, making sure that the %s arguments are reprocessed to escape nasty things, and increment the va pointer between calls using types inferred from the format string.

Works like a charm, may contain traces of nuts.

Reply

Leave a reply to emerson Cancel reply

Δ

Search for:
Recent Posts
Archives
- August 2023
- March 2019
- October 2016
- May 2016
- August 2015
- May 2015
- April 2015
- October 2014
- July 2014
- June 2014
- February 2014
- January 2014
- December 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- September 2012
- May 2012
- April 2012
- February 2012
- May 2011
- April 2011
- August 2010
- July 2010
- September 2009
- May 2009
- March 2009
- November 2008
- September 2008
- August 2008
- July 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- January 2005
- November 2004
- October 2004
- September 2004
- July 2004
- April 2004
- August 1996
- December 1994
- February 1992
Categories
- .NET
- AJAX
- AttentionRank
- Axonomics
- Browsers
- C#
- Chrome
- Coolhunting
- CSS
- dasBlog
- Downtime
- Family
- Faster Than Light
- Flash
- GL
- Hardware
- IPTV
- JavaScript
- JavaScript Benchmarks
- Just Kidding
- LOL-STAR
- MakerBot
- Massive
- Me Myself and I
- Meta-Narrative
- MetaWrap Server
- Mobile Phones
- MonoGame
- Music & Art
- My Hardware
- Nostalgia for Misspent Youth
- Ookle
- Parsing Theory
- Politics
- qr.tl
- Quantum Mechanics
- Rants
- Search
- Silverlight
- TheGame
- Things To Do
- ThumbWhere.com
- TimeConverter
- Twitter
- Uncategorized
- Web0.0
- Web2.0
- Whining
- XML
- XPath
Meta

James McParlane's Blog

Blog at WordPress.com.

Comment
Reblog
Subscribe Subscribed
- James McParlane's Blog
- Already have a WordPress.com account? Log in now.

%d