Skip to content

Commit 1229c2e

Browse files
turkjaturkja
authored
Merge pull request #3 from alphillips-lab/master
Fixing SQLi vuln/bug by parameterizing database insertions
2 parents be40ac5 + de40ef5 commit 1229c2e

File tree

3 files changed

+335
-99
lines changed

3 files changed

+335
-99
lines changed

GMLib/Collector.cs

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -130,6 +130,7 @@ public int Run()
130130
process.Pid = Pid;
131131
process.Arch = IntPtr.Size == 8 ? "AMD64" : "X86";
132132
process.Date = DateTime.Now.ToString();
133+
process.Path = "";
133134
}
134135
try
135136
{
@@ -204,7 +205,7 @@ public int Run()
204205
DbgMsg(evt.Msg);
205206
};
206207

207-
DbgMsg($"Processing target {id} with pid={target.Pid}...");
208+
DbgMsg($"Action: Processing target {id} with pid={target.Pid}...");
208209
try
209210
{
210211
target.Collect();
@@ -225,12 +226,17 @@ public int Run()
225226
}
226227

227228
if (DataBasePath != null)
228-
DbgMsg("Adding target to database...");
229+
DbgMsg("Beginning Database coordination...");
229230

230231
// Add the process only once
231232
if (id == 1)
233+
{
234+
DbgMsg("Adding process to database...");
232235
Db?.AddProcess(process);
236+
}
237+
DbgMsg("Adding snapshot to database...");
233238
Db?.AddSnapshot(snapshot);
239+
DbgMsg("Adding target to database...");
234240
Db?.AddTarget(target);
235241
target.Close();
236242

0 commit comments

Comments
 (0)