From b0af4d272db97334565a265c85eed898c426d4e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Canna=C3=B2?= <rene.cannao@gmail.com>
Date: Wed, 12 Feb 2020 02:35:41 +0100
Subject: [PATCH] Fix 2 bugs related to firewall

* Query_Processor::find_firewall_whitelist_rule() wasn't correctly finding rules
* SQL injection algorithm should only be triggered if the query isn't blocked already
---
 lib/MySQL_Session.cpp   | 2 +-
 lib/Query_Processor.cpp | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/MySQL_Session.cpp b/lib/MySQL_Session.cpp
index 9720b290a..0be46645c 100644
--- a/lib/MySQL_Session.cpp
+++ b/lib/MySQL_Session.cpp
@@ -3371,7 +3371,7 @@ __get_pkts_from_client:
 									}
 									assert(qpo);	// GloQPro->process_mysql_query() should always return a qpo
 									rc_break=handler___status_WAITING_CLIENT_DATA___STATE_SLEEP___MYSQL_COM_QUERY_qpo(&pkt, &lock_hostgroup);
-									if (mirror==false) {
+									if (mirror==false && rc_break==false) {
 										if (mysql_thread___automatic_detect_sqli) {
 											if (client_myds->com_field_list == false) {
 												if (qpo->firewall_whitelist_mode != WUS_OFF) {
diff --git a/lib/Query_Processor.cpp b/lib/Query_Processor.cpp
index 32379e082..d777d2906 100644
--- a/lib/Query_Processor.cpp
+++ b/lib/Query_Processor.cpp
@@ -2106,7 +2106,7 @@ bool Query_Processor::find_firewall_whitelist_rule(char *username, char *client_
 	s += rand_del;
 	s += schemaname;
 	s += rand_del;
-	s += flagIN;
+	s += to_string(flagIN);
 	std::unordered_map<std::string, void *>:: iterator it;
 	it = global_mysql_firewall_whitelist_rules.find(s);
 	if (it != global_mysql_firewall_whitelist_rules.end()) {