- scheduler: fix SQL injection vulnerability

svn path=/branches/server_stable/; revision=19996

checkin_notes

@@ -8896,3 +8896,8 @@ David  6 Nov 2009
     db/
         boinc_db.cpp
 
+David  20 Dec 2009
+    - scheduler: fix SQL injection vulnerability
+
+    sched/
+        handle_request.cpp

sched/handle_request.cpp

@@ -599,7 +599,10 @@ int send_result_abort() {
         orp.reason = ABORT_REASON_NOT_FOUND;
         if (i > 0) result_names.append(", ");
         result_names.append("'");
-        result_names.append(orp.name);
+        char buf[1024];
+        strcpy(buf, orp.name);
+        escape_string(buf, 1024);
+        result_names.append(buf);
         result_names.append("'");
     }