On Oct. 2, 2013, 12:52 p.m., Radek Novacek wrote:
> openlmi-mof-register.py, lines 296-304
>
<
http://reviewboard-openlmi.rhcloud.com/r/915/diff/1/?file=5057#file5057li...
>
> There is possible SQL injection here. Do we care about it?
No. If you're running the script, you're the superuser already.
- Tomas
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard-openlmi.rhcloud.com/r/915/#review1277
-----------------------------------------------------------
On Oct. 2, 2013, 12:43 p.m., Tomas Smetana wrote:
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard-openlmi.rhcloud.com/r/915/
-----------------------------------------------------------
(Updated Oct. 2, 2013, 12:43 p.m.)
Review request for OpenLMI Developers.
Repository: openlmi-providers
Description
-------
This is an aggregate patch (sorry) of several issues I have discovered in the new
registration script:
- Print usage when invoked with no arguments
- Fix SQL parameters bindings: use tuples properly
- Fix querying of registrations with no REG file
- Log the "main" action before it's actually performed for better logs
readability
Diffs
-----
openlmi-mof-register.py bac1e2393e09826983f32bade4f45cc342290e00
Diff:
http://reviewboard-openlmi.rhcloud.com/r/915/diff/
Testing
-------
Thanks,
Tomas Smetana