[PATCH 10/24] auth: userdb sql - Fix escaping for user iteration
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Tue, 24 Feb 2026 10:26:46 +0000 (12:26 +0200)
committerNoah Meyerhans <noahm@debian.org>
Tue, 31 Mar 2026 19:07:17 +0000 (15:07 -0400)
This is mostly a non-issue, since userdb iteration doesn't take any
untrusted input.

Broken by ef0c63b690e6ef9fbd53cb815dfab50d1667ba3a

Gbp-Pq: Name CVE-2026-24031-27860-7.patch

src/auth/userdb-sql.c

index 349f61c49e42ae0f4d1cfe353f541e84ebdd8247..09bac486508d3a25fe2f6180dad5e3044b4893bd 100644 (file)
@@ -180,9 +180,13 @@ userdb_sql_iterate_init(struct auth_request *auth_request,
        ctx->ctx.context = context;
        auth_request_ref(auth_request);
 
-       if (settings_get(authdb_event(auth_request),
-                        &userdb_sql_setting_parser_info, 0,
-                        &set, &error) < 0) {
+       const struct settings_get_params params = {
+               .escape_func = userdb_sql_escape,
+               .escape_context = module->db,
+       };
+       if (settings_get_params(authdb_event(auth_request),
+                               &userdb_sql_setting_parser_info, &params,
+                               &set, &error) < 0) {
                e_error(authdb_event(auth_request), "%s", error);
                ctx->ctx.failed = TRUE;
                return &ctx->ctx;
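Review bot: The new `params` initializer at the top of the hunk gives no hint why the iteration path now needs an escape function at all, and the commit message itself calls it "mostly a non-issue", so a future reader may be tempted to drop it again; a short comment would pin the intent, e.g. `/* %variables expanded into the iterate query must go through userdb_sql_escape, as on the lookup path (regressed in ef0c63b690e6) */`. Whether `module->db` is fully initialized when this runs cannot be seen here — `module`, `set` and `error` are all declared before the hunk — so it is worth confirming the escape context is valid at init time rather than only once the query runs. userdb_sql_iterate_init starts before this hunk and continues after it.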