[prev in list] [next in list] [prev in thread] [next in thread]
List: snort-devel
Subject: Re: [Snort-devel] Another output-database question
From: Martin Roesch <roesch () sourcefire ! com>
Date: 2005-06-27 14:28:34
Message-ID: BF31CFB6-0845-46BC-B5AA-17C78D6FB341 () sourcefire ! com
[Download RAW message or body]
Looks like you could write that:
snprintf(query->val,
(p->dsize * 2) + MAX_QUERY_LENGTH - 3,
"INSERT INTO data(sid, cid, data_payload)"
" VALUES (%u, %u, '%s')",
data->shared->sid,
data->shared->cid,
packet_data);
From where I'm sitting, but that's just me...
-Marty
On Jun 15, 2005, at 3:55 PM, Joel Esler wrote:
> Um.. I know you guys didn't code this (or if you did.. so be it..)
> but why do we have single quotes around placeholders in insert
> strings?
>
> Example
>
> < snprintf(query->val, (p->dsize * 2) +
> MAX_QUERY_LENGTH - 3,
> < "INSERT INTO "
> < "data (sid,cid,data_payload) "
> < "VALUES ('%u','%u','%s",
> < data->shared->sid,
> < data->shared->cid,
> < packet_data);
> < strcat(query->val, "')");
> < free (packet_data);
> packet_data = NULL;
> < free (packet_data_not_escaped);
> packet_data_not_escaped =
>
> The string: "VALUES ('%u','%u','%s",... wouldn't it be interpreted
> the same way if you were to enter "VALUES (%u,%u,'%s'"???
>
> Since it's a number (sid, cid) we don't need single quotes..
>
> and furthermore in that same string..
>
> "VALUES ('%u','%u','%s",
> data->shared->sid,
> data->shared->cid,
> packet_data);
> strcat(query->val, "')");
>
> wouldn't the line terminate after the first line? because of the
> double quote? and furthermore, if it went past that, wouldn't it
> terminate at the semi-colon after packet_data);?
>
> Or am I crazy?
>
> Joel
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
> _______________________________________________
> Snort-devel mailing list
> Snort-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
>
>
--
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Network Defense for the Real World - http://
www.sourcefire.com
Snort: Open Source Intrusion Detection and Prevention - http://
www.snort.org
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&opĚk
_______________________________________________
Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic