diff -Nru /tmp/4fCGVl7C4o/xtradius-1.2.1-beta2/contrib/authmysql/authmysql.c /tmp/pjjbxPhZcv/xtradius-1.2.1-beta2/contrib/authmysql/authmysql.c
--- /tmp/4fCGVl7C4o/xtradius-1.2.1-beta2/contrib/authmysql/authmysql.c	2002-03-02 15:45:02.000000000 +0000
+++ /tmp/pjjbxPhZcv/xtradius-1.2.1-beta2/contrib/authmysql/authmysql.c	2005-05-06 07:27:23.639379832 +0000
@@ -61,9 +61,12 @@
 
 */
 
+    if (strstr(argv[1], "'") == NULL){
     command_length = strlen(SQL_SELECT) + strlen(argv[1]) + strlen(argv[2]);
          command = (char *) malloc(command_length*sizeof(char)); 
              sprintf(command,SQL_SELECT,argv[1]);
+    }
+    else exit(-1);
 
 
 /*