From 3624f2c44d88e6836fee1cf340ac3239a557d0b8 Mon Sep 17 00:00:00 2001
From: Tanguy Pruvot
Date: Tue, 13 Mar 2018 17:44:33 +0100
Subject: [PATCH] stratum: be more strict with user string fields
---
 stratum/db.cpp | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/stratum/db.cpp b/stratum/db.cpp
index fbbc2b2..2e90eac 100644
--- a/stratum/db.cpp
+++ b/stratum/db.cpp
@@ -43,11 +43,19 @@ void db_close(YAAMP_DB *db)
 char *db_clean_string(YAAMP_DB *db, char *string)
 {
- string[1000] = 0;
- char tmp[1024];
+ char escaped[512] = { 0 };
+ char *c = string;
- unsigned long ret = mysql_real_escape_string(&db->mysql, tmp, string, strlen(string));
- strcpy(string, tmp);
+ size_t i, len = strlen(string);
+ for (i = 0; i < len && i < sizeof(escaped); i++) {
+ bool isdigit = (c[i] >= '0' && c[i] <= '9');
+ bool isalpha = (c[i] >= 'a' && c[i] <= 'z') || (c[i] >= 'A' && c[i] <= 'Z');
+ bool issepch = (c[i] == '=' || c[i] == ',' || c[i] == ';' || c[i] == '.');
+ bool isextra = (c[i] == '/' || c[i] == '-' || c[i] == '_');
+ if (!isdigit && !isalpha && !issepch && !isextra) { c[i] = '\0'; break; }
+ }
+ mysql_real_escape_string(&db->mysql, escaped, string, strlen(string));
+ strcpy(string, escaped);
 return string;
 }
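Review bot: The new loop in db_clean_string stops scanning at `sizeof(escaped)` but never shortens `string`, so an input of 512 or more allowed characters is still passed at its full `strlen(string)` to `mysql_real_escape_string`, which then writes past the 512-byte `escaped` buffer on the stack; the removed `string[1000] = 0;` was the only length cap. Bound the loop with `i < sizeof(escaped) - 1` and add `c[i] = '\0';` directly after the loop, so the string is always terminated inside the buffer size before it is escaped (`i` never exceeds `len`, so that store stays within the original string). The whitelist contains no character the escape call expands, so 511 characters plus the terminator then fit, but MySQL documents a destination of `2*length+1` bytes, and a comment such as `/* whitelist leaves nothing to escape, so output length == input length */` would record why 512 is enough. The locals `isdigit` and `isalpha` reuse `<ctype.h>` names; whether that header is included is not visible in the hunk, but renaming them (for example `is_digit`, `is_alpha`) avoids a clash with the macro forms.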