
Commit bc43739

committed
fix: Fix SQL injection vulnerability
1 parent d57cf3a commit bc43739

1 file changed

Lines changed: 9 additions & 8 deletions


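--- a/backend/apps/datasource/crud/datasource.py
+++ b/backend/apps/datasource/crud/datasource.py
@@ -328,18 +328,19 @@ def preview(session: SessionDep, current_user: CurrentUser, id: int, data: Table
 if fields is None or len(fields) == 0:
 return {"fields": [], "data": [], "sql": ''}
 
+table = session.query(CoreTable).filter(CoreTable.id == data.table.id).first()
 conf = DatasourceConf(**json.loads(aes_decrypt(ds.configuration))) if ds.type != "excel" else get_engine_config()
 sql: str = ""
 if ds.type == "mysql" or ds.type == "doris" or ds.type == "starrocks" or ds.type == "hive":
-sql = f"""SELECT `{"`, `".join(fields)}` FROM `{data.table.table_name}`
+sql = f"""SELECT `{"`, `".join(fields)}` FROM `{table.table_name}`
 {where}
 LIMIT 100"""
 elif ds.type == "sqlServer":
-sql = f"""SELECT TOP 100 [{"], [".join(fields)}] FROM [{conf.dbSchema}].[{data.table.table_name}]
+sql = f"""SELECT TOP 100 [{"], [".join(fields)}] FROM [{conf.dbSchema}].[{table.table_name}]
 {where}
 """
 elif ds.type == "pg" or ds.type == "excel" or ds.type == "redshift" or ds.type == "kingbase":
-sql = f"""SELECT "{'", "'.join(fields)}" FROM "{conf.dbSchema}"."{data.table.table_name}"
+sql = f"""SELECT "{'", "'.join(fields)}" FROM "{conf.dbSchema}"."{table.table_name}"
 {where}
 LIMIT 100"""
 elif ds.type == "oracle":
@@ -348,25 +349,25 @@ def preview(session: SessionDep, current_user: CurrentUser, id: int, data: Table
 # ORDER BY "{fields[0]}"
 # OFFSET 0 ROWS FETCH NEXT 100 ROWS ONLY"""
 sql = f"""SELECT * FROM
-(SELECT "{'", "'.join(fields)}" FROM "{conf.dbSchema}"."{data.table.table_name}"
+(SELECT "{'", "'.join(fields)}" FROM "{conf.dbSchema}"."{table.table_name}"
 {where}
 ORDER BY "{fields[0]}")
 WHERE ROWNUM <= 100
 """
 elif ds.type == "ck":
-sql = f"""SELECT "{'", "'.join(fields)}" FROM "{data.table.table_name}"
+sql = f"""SELECT "{'", "'.join(fields)}" FROM "{table.table_name}"
 {where}
 LIMIT 100"""
 elif ds.type == "dm":
-sql = f"""SELECT "{'", "'.join(fields)}" FROM "{conf.dbSchema}"."{data.table.table_name}"
+sql = f"""SELECT "{'", "'.join(fields)}" FROM "{conf.dbSchema}"."{table.table_name}"
 {where}
 LIMIT 100"""
 elif ds.type == "es":
-sql = f"""SELECT "{'", "'.join(fields)}" FROM "{data.table.table_name}"
+sql = f"""SELECT "{'", "'.join(fields)}" FROM "{table.table_name}"
 {where}
 LIMIT 100"""
 elif ds.type == "sqlite":
-sql = f"""SELECT "{'", "'.join(fields)}" FROM "{data.table.table_name}"
+sql = f"""SELECT "{'", "'.join(fields)}" FROM "{table.table_name}"
 {where}
 LIMIT 100"""
 return exec_sql(ds, sql, True)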
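Review bot: The new lookup `session.query(CoreTable).filter(CoreTable.id == data.table.id).first()` returns None when no row matches the caller-supplied id, and every branch below then dereferences `table.table_name`, so an unknown id produces an AttributeError (a 500) rather than a controlled response; add a guard right after the lookup such as `if table is None: return {"fields": [], "data": [], "sql": ''}` or raise the project's not-found error. The filter is also keyed only on the table id and not on the datasource `ds` that the query will run against, so if CoreTable rows belong to a datasource the lookup should constrain that as well (something like `CoreTable.ds_id == ds.id`, if such a column exists) so a caller cannot preview a table registered under another datasource. Note that `fields` and `where` are still interpolated into the SQL string unescaped in all branches; where they come from is outside these hunks, so whether they are validated against the table's known columns cannot be confirmed here and deserves a check. The enclosing `preview` function begins before the first hunk.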
