koji

Clone

#3659 rawdata not needed for callnum update
Merged a year ago by tkopecek. Opened a year ago by mikem.
mikem/koji rawdata-not-needed  into  master

file modified
+1 -1 
@@ -206,7 +206,7 @@ 
 

          # update callnum (this is deliberately after the commit)
 

          # see earlier note near RetryError
 

          if callnum is not None:
 

-             update = UpdateProcessor('sessions', rawdata={'callnum': callnum},
 

+             update = UpdateProcessor('sessions', data={'callnum': callnum},
 

                                       clauses=['id = %(id)i'], values={'id': id})
 

              update.execute()
 

              # we only want to commit the callnum change if there are other commits

I noticed this when reviewing #3657. The use of rawdata here is not necessary and as such should be avoided for safety.

Note that the existing code is not a security flaw, since the callnum value is validated to be an integer above.

:thumbsup:

Commit e0b48d3 fixes this pull-request

Pull-Request has been merged by tkopecek
a year ago
Metadata
None
No Tags
Changes Summary 1
+1 -1
file changed
koji/auth.py
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.