git:master:e617ef84: secfilter: little fix in w_check_sqli - sr-dev

3 Nov 2022

Module: kamailio
Branch: master
Commit: e617ef84c3bbd3bbcb780991bc45216112056f94
URL: https://github.com/kamailio/kamailio/commit/e617ef84c3bbd3bbcb780991bc452161...
Author: Jose Luis Verdeguer pepeluxx@gmail.com
Committer: Jose Luis Verdeguer pepeluxx@gmail.com
Date: 2022-11-03T14:34:17+01:00
secfilter: little fix in w_check_sqli
---
Modified: src/modules/secfilter/secfilter.c
---
Diff:  https://github.com/kamailio/kamailio/commit/e617ef84c3bbd3bbcb780991bc452161...
Patch: https://github.com/kamailio/kamailio/commit/e617ef84c3bbd3bbcb780991bc452161...
---

diff --git a/src/modules/secfilter/secfilter.c b/src/modules/secfilter/secfilter.c
index 90e7891aa6..5e967b2204 100644
--- a/src/modules/secfilter/secfilter.c
+++ b/src/modules/secfilter/secfilter.c
@@ -283,7 +283,7 @@ static int w_check_sqli(str val)
    memcpy(cval, val.s, val.len);
if(strstr(cval, "'") || strstr(cval, """) || strstr(cval, "--")
-			|| strstr(cval, "%27") || strstr(cval, "%24")
+			|| strstr(cval, "%27") || strstr(cval, "%22")
    		|| strstr(cval, "%60")) {
    	/* Illegal characters found */
    	lock_get(secf_lock);

    