Bug#29592 SQL Injection issue
Remove the mysql_odbc_escape_string() function. The function has multi-byte character escaping issues, doesn't honor the NO_BACKSLASH_ESCAPES mode and is not used anymore by the Connector/ODBC as of 3.51.17. include/mysql.h: Remove mysql_odbc_escape_string() prototype. include/mysql_h.ic: Update abi check file, mostly line changes and mysql_odbc_escape_string removal. libmysql/libmysql.c: Remove mysql_odbc_escape_string() body. libmysql/libmysql.def: Remove mysql_odbc_escape_string() libmysqld/libmysqld.def: Remove mysql_odbc_escape_string()
Showing
Please register or sign in to comment