patched-codes · CTY-git · Jun 25, 2024 · Jun 25, 2024 · Jun 25, 2024
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -10,6 +10,9 @@ services:
 
   redis:
     image: redis:alpine
+    security_opt:
+      - "no-new-privileges:true"
+    read_only: true
 
   sqli:
     build:

diff --git a/sqli/dao/student.py b/sqli/dao/student.py
@@ -39,9 +39,6 @@ async def get_many(conn: Connection, limit: Optional[int] = None,
 
     @staticmethod
     async def create(conn: Connection, name: str):
-        q = ("INSERT INTO students (name) "
-             "VALUES ('%(name)s')" % {'name': name})
+        q = "INSERT INTO students (name) VALUES (%s)"
         async with conn.cursor() as cur:
-            await cur.execute(q)
-
-
+            await cur.execute(q, (name,))
diff --git a/sqli/dao/user.py b/sqli/dao/user.py
@@ -1,4 +1,4 @@
-from hashlib import md5
+from hashlib import scrypt
 from typing import NamedTuple, Optional
 
 from aiopg import Connection
@@ -10,7 +10,7 @@
     middle_name: Optional[str]
     last_name: str
     username: str
-    pwd_hash: str
+    pwd_hash: bytes
     is_admin: bool
 
     @classmethod
@@ -38,4 +38,4 @@
             return User.from_raw(await cur.fetchone())
 
     def check_password(self, password: str):
-        return self.pwd_hash == md5(password.encode('utf-8')).hexdigest()
+        return self.pwd_hash == scrypt(password.encode('utf-8'), salt=b'salt', n=16384, r=8, p=1)