
Commit 3a2b11c

authored
Merge pull request #245 from AikidoSec/update-FFI-function-signature
Update SQL injection detection function to include size parameters for query and user input
2 parents fa22990 + 9bdf140 commit 3a2b11c


2 files changed

+15
-6
lines changed


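--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -188,7 +188,7 @@ jobs:
 echo $AIKIDO_VERSION
 echo "AIKIDO_VERSION=$AIKIDO_VERSION" >> $GITHUB_ENV
 echo "AIKIDO_LIBZEN=libzen_internals_${{ env.ARCH }}-unknown-linux-gnu.so" >> $GITHUB_ENV
-echo "AIKIDO_LIBZEN_VERSION=0.1.42" >> $GITHUB_ENV
+echo "AIKIDO_LIBZEN_VERSION=0.1.43" >> $GITHUB_ENV
 
 - name: Download artifacts
 uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4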

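--- a/lib/request-processor/vulnerabilities/zen-internals/zen_internals.go
+++ b/lib/request-processor/vulnerabilities/zen-internals/zen_internals.go
@@ -5,15 +5,18 @@ package zen_internals
 #include <dlfcn.h>
 #include <stdlib.h>
 
-typedef int (*detect_sql_injection_func)(const char*, const char*, int);
+typedef int (*detect_sql_injection_func)(const char*, size_t, const char*, size_t, int);
 typedef int (*detect_shell_injection_func)(const char*, const char*);
 
 int call_detect_shell_injection(detect_shell_injection_func func, const char* command, const char* user_input) {
 return func(command, user_input);
 }
 
-int call_detect_sql_injection(detect_sql_injection_func func, const char* query, const char* input, int sql_dialect) {
-return func(query, input, sql_dialect);
+int call_detect_sql_injection(detect_sql_injection_func func,
+const char* query, size_t query_len,
+const char* input, size_t input_len,
+int sql_dialect) {
+return func(query, query_len, input, input_len, sql_dialect);
 }
 */
 import "C"
@@ -75,8 +78,14 @@ func DetectSQLInjection(query string, user_input string, dialect int) int {
 defer C.free(unsafe.Pointer(cQuery))
 defer C.free(unsafe.Pointer(cUserInput))
 
-// Call the detect_sql_injection function
-result := int(C.call_detect_sql_injection(detectSqlInjection, cQuery, cUserInput, C.int(dialect)))
+queryLen := C.size_t(len(query))
+userInputLen := C.size_t(len(user_input))
+
+result := int(C.call_detect_sql_injection(detectSqlInjection,
+cQuery, queryLen,
+cUserInput, userInputLen,
+C.int(dialect)))
+
 log.Debugf("DetectSqlInjection(%s, %s, %d) -> %d", query, user_input, dialect, result)
 return result
 }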
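Review bot: Nothing in this file ties the new five-argument `detect_sql_injection_func` typedef in the cgo preamble to the library build that implements it; the pointer is presumably resolved at runtime through `dlfcn.h`, so the compiler cannot catch a mismatch, and an older `.so` called through this signature would most likely treat `query_len` as the input pointer. The only pin visible in this commit is `AIKIDO_LIBZEN_VERSION=0.1.43` in the workflow, so I would add a comment above the typedef such as `// ABI: (query, query_len, input, input_len, dialect); must match the libzen_internals build pinned in build.yml`, and consider a version or symbol check where the library is loaded, which is outside this hunk. In `DetectSQLInjection` the lengths come from `len(query)` and `len(user_input)`, which equals the bytes behind `cQuery`/`cUserInput` only if those buffers are made from the same strings (presumably with `C.CString`); those lines sit above the hunk and are worth confirming. The unchanged `log.Debugf` still prints the raw query and user input with `%s`; `%q` would keep embedded control bytes from reaching the log unescaped.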
