From patchwork Wed Feb 12 15:23:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lukas Fleischer X-Patchwork-Id: 1509 Return-Path: Delivered-To: patchwork@archlinux.org Received: from apollo.archlinux.org (localhost [127.0.0.1]) by apollo.archlinux.org (Postfix) with ESMTP id 91678170240F8 for ; Wed, 12 Feb 2020 15:23:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on apollo.archlinux.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1, MAILING_LIST_MULTI=-1,RCVD_IN_DNSWL_LOW=-0.7,SPF_HELO_NONE=0.001, T_DMARC_POLICY_NONE=0.01 autolearn=ham autolearn_force=no version=3.4.3 X-Spam-BL-Results: [127.0.9.1] Received: from orion.archlinux.org (orion.archlinux.org [IPv6:2a01:4f8:160:6087::1]) by apollo.archlinux.org (Postfix) with ESMTPS for ; Wed, 12 Feb 2020 15:23:04 +0000 (UTC) Received: from orion.archlinux.org (localhost [127.0.0.1]) by orion.archlinux.org (Postfix) with ESMTP id 87BE418E5B041F; Wed, 12 Feb 2020 15:23:02 +0000 (UTC) Received: from luna.archlinux.org (luna.archlinux.org [IPv6:2a01:4f8:160:3033::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits)) (No client certificate requested) (Authenticated sender: luna) by orion.archlinux.org (Postfix) with ESMTPSA id 6502218E5B041B; Wed, 12 Feb 2020 15:23:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org; s=orion; t=1581520982; bh=k3EdfN2HySWuAErZeVO+NfQ4DlypNsez/S3nCLgEt2c=; h=From:To:Subject:Date:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=wI6eptfKJpyxbplotg1Gqmnj2JugjunZzy0B4HfN6Smpj7sKx8hefZ9UkhSGYWB2i yKAq4hTmPpwFaS/injxq2fY+l/uSv7e0yMNYnJaiE/x2MtrpLTzwtij4mZT0p3D1Jk IPT8uCq02HQyFkmWFEgeKZasbsouMFF7LJ0i61yLLc9EVcw+O7I44UY16JeegztwCd W+R8cGugmvceDhMzwLfYb0Xikd01oI9SOaRBSykMXnxucq3KCt+j11pcti1viC0g7L +RvUuaaMdR7iuofhzBjGCUtIQCh0uis/u8FoMstOaQ9IZlazolfO90UE6CsQnDiIEt WOdSh8iqX5JR6Aj0592jAhNyGbttmEpbU7sMVEs8HASsfLpJP86Ntbb8inVfdkPZmj 1HIUdNZBkvrjXCtJ0i3pPuH/XCWbs0JInDWKGklZ2KHq5Hlw7IrmiuY+EAeRa8JPf6 ho6Oy3k8/rlxJaPOt1UP+0WhpryDVP0EyOY52F72jD/ZppLalK3FJF0HihfJMIClJr Yh7GCfxkKyZoBsmkQ4WMD35XFuYhOfe/lir/RlO/sxf3YOHyUB5VwSB7U93IqUBfy6 2vM2sx0Z+Ms7RcRF6pPDdVWBpMTql6dRMunXtfTb7ZVi6uLLZCgJGkw0RDWkhrtkeM tby1ne9/KpprIeRsTY2sWDkA= Received: from luna.archlinux.org (luna.archlinux.org [127.0.0.1]) by luna.archlinux.org (Postfix) with ESMTP id 52DBF29D01; Wed, 12 Feb 2020 15:23:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org; s=luna2; t=1581520982; bh=k3EdfN2HySWuAErZeVO+NfQ4DlypNsez/S3nCLgEt2c=; h=From:To:Subject:Date:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=DgQZOc4ZjKVpaE7LfcQAoGp1cwwHyC6VtXTCQYXRXZ/7gK+Ig5zvk8aQl5uGfbVHC zIA5uf97bheMpYvM5gcTpEkpJWKJiLa5zm3P6lZ8L+WdWXMNjpW+znZMSBP7oIPQC3 78qPpocyGANNaOzO04p/65dxgt9+SVgVA2ZT7a9VNoUbsB4jpTX9Knd9a2djYXx6nX pCbbGGDAU/nluQXgaWd4tVWRkf1npgVyH1MYMa8FcwIHHzHEt1VcoOP6KQogtM1VmW vWPzrXejfPvOj2XjSiqj3w6ZA18H2e0KlK0/nTUHu6ZaaHA4UXFMltRnCuau5nLY8O sSXO0Gp9UNoNW7sk/Gky2rf/7R+TAUqlVNyrooC+NjJkJObV98bCZk+1Pecw/r4q12 hYss8NRjLdH+5CQpeDkOS9S0KE9x6NWsr4/fKICQ8kmCIjTLZV0qDJrR2sySejqajG 65TVRODym+ruvSxr3ySr7Jw/6AjMWZrVk+MDkWu0y1whLPp3KgfTHUi3Rw7SG04jBY Se/6+02DaHnxF8+lez/XaXjnt2tdzCKwm1yCxSa10huW4QsZ4jPnZlbVz0jz+OWTit 03XRejcvbjVf9BW4IO5GJnJYFYiZIxZl5G51+S4LSZvvioQnfi3L/hDo3lmo2eCPuX gmFF1lhljAUgG/xStVv6oKKw= Received: from luna.archlinux.org (luna.archlinux.org [127.0.0.1]) by luna.archlinux.org (Postfix) with ESMTP id 6CCD129CE9 for ; Wed, 12 Feb 2020 15:22:59 +0000 (UTC) Received: from orion.archlinux.org (orion.archlinux.org [IPv6:2a01:4f8:160:6087::1]) by luna.archlinux.org (Postfix) with ESMTPS for ; Wed, 12 Feb 2020 15:22:59 +0000 (UTC) Received: from orion.archlinux.org (localhost [127.0.0.1]) by orion.archlinux.org (Postfix) with ESMTP id 48FC718E5B0417 for ; Wed, 12 Feb 2020 15:22:58 +0000 (UTC) Received: from localhost (unknown [IPv6:2a02:8070:24e4:b800:b66b:fcff:fe3e:6273]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: lfleischer) by orion.archlinux.org (Postfix) with ESMTPSA id 2924D18E5B0416 for ; Wed, 12 Feb 2020 15:22:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=archlinux.org; s=orion; t=1581520978; bh=k3EdfN2HySWuAErZeVO+NfQ4DlypNsez/S3nCLgEt2c=; h=From:To:Subject:Date; b=R9nPXKCc4othsKuYxQdf+bnAQKYBIgH6pGWCsryLnVrBOG+CRB9907Qxy3LO17pvX 0xB8LlOqnLLY3YitvirnZyk2Fy/NOArkNCYaFxc8yXQf+dldawMUfgNbjLuVETbkpP WF+sRtQlZALcK1gWy5XfC7IKi9as0TX3Ml1mcK+r2/71xfy42WRfwHnMyz2Bh/sc/H d0rcJzfYSgd3hl9ix77XRhNoYvwIAKGiDZUKqZI0285t+vnPj0sidBQkbE5eJ5AL8L 0BXiCEkqIKUjhLHvbpKc0JbKv0Vg654IE8l2Kv1BS/CcsNowK2tHgfWr9ClWcXDGk5 cq3f09b6aFyr/J1E6tpjRqtF/z8RBtdoyHuQFFRkDoS44SCybYjzYFXnsj0aCEzHZ3 DbwElb9ntjBCZXnHbwhuUs5Tir2hLJIA6KBDMm1wPPXfpyj6NcJ91XSGbHD5e63u+9 5QZyEHlS27yKo9+QcE3o6P4IHphn8HD93OQDesTN4MvKiuV07qob90J3Qf+ndVoRBg Ex17QekQ2UaUg9AMeUuk0ALqbHXzcXHoUyOT51Qp9BTXDo6jYewYU1mGKCX8BxZjjp OTLquj+5h5dB9V6jF8EBklE7iJtLfrIDlPMcjZhbHvfy+4iYNHkxiN4z7nugiKcoci VHplKM/mfyaXyXboSEgJ/78o= From: Lukas Fleischer To: aur-dev@archlinux.org Subject: [PATCH] Verify that return rows exist before extracting columns Date: Wed, 12 Feb 2020 16:23:20 +0100 Message-Id: <20200212152320.13763-1-lfleischer@archlinux.org> X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 X-BeenThere: aur-dev@archlinux.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Arch User Repository \(AUR\) Development" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: aur-dev-bounces@archlinux.org Sender: "aur-dev" Signed-off-by: Lukas Fleischer --- web/lib/aur.inc.php | 21 +++++++++++++++++++++ web/lib/pkgfuncs.inc.php | 3 +++ 2 files changed, 24 insertions(+) diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index e9530fc..2507df6 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -197,6 +197,9 @@ function username_from_id($id) { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } @@ -222,6 +225,9 @@ function username_from_sid($sid="") { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } @@ -339,6 +345,9 @@ function email_from_sid($sid="") { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } @@ -365,6 +374,9 @@ function account_from_sid($sid="") { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } @@ -390,6 +402,9 @@ function uid_from_sid($sid="") { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } @@ -512,6 +527,9 @@ function uid_from_username($username) { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } @@ -546,6 +564,9 @@ function uid_from_email($email) { } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; } diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index a4cd17a..b30bfa9 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -147,6 +147,9 @@ function pkg_from_name($name="") { return; } $row = $result->fetch(PDO::FETCH_NUM); + if (!$row) { + return null; + } return $row[0]; }