
Validates a WHERE clause against a denylist of known SQL-injection constructs (stacked statements, UNION reads, comment markers, tautologies, timing functions, system-schema references). `@param where` — the WHERE clause string to validate. `@throws {Error}` if the WHERE clause contains a potentially dangerous pattern. Note that a denylist is a tripwire rather than a security boundary: a clause that passes is not thereby proven safe to splice into a statement on behalf of an untrusted caller.

118 * @throws {Error} If the WHERE clause contains potentially dangerous patterns
119 */
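function validateWhereClause(where: string): void {
  // Denylist of constructs that have no place in a plain filter expression.
  // NOTE(review): a denylist cannot enumerate every MySQL construct an
  // attacker can use (e.g. `OR 2>1`, `OR 1`, a parenthesised subquery against
  // another table, or a heavy join used for DoS), so this is a tripwire, not
  // a security boundary — callers must not treat a passing clause as safe to
  // splice into a statement on behalf of an untrusted principal. Matching is
  // deliberately conservative: a string literal that merely contains `--`,
  // `#`, `;` or `/*` is rejected too, because a false positive is the cheap
  // failure mode here.
  const dangerousPatterns = [
    // Stacked statements. A WHERE fragment never needs a statement
    // terminator, and anchoring on `;` alone also covers `; (SELECT …)`,
    // where the token after the semicolon is not a word character.
    /;/,
    // UNION-based reads. MySQL also accepts `UNION DISTINCT` and a
    // parenthesised right-hand query (`UNION(SELECT …)`), so the modifier is
    // optional and the gap before SELECT may be whitespace or `(`.
    /\bunion\b(\s+(all|distinct)\b)?[\s(]*select\b/i,
    // File read/write primitives
    /into\s+outfile/i,
    /into\s+dumpfile/i,
    /load_file\s*\(/i,
    // Comment openers, which can truncate or hide the rest of the statement.
    // `#` is MySQL's line-comment marker alongside `-- ` and `/* */`.
    /--/,
    /\/\*/,
    /\*\//,
    /#/,
    // Tautologies with an identical left/right side: OR 'x'='x', OR 1=1,
    // OR id=id. The backreferences keep an ordinary OR col='value' legal.
    /\bor\s+(['"]?)(\w+)\1\s*=\s*\1\2\1/i,
    /\bor\s+true\b/i,
    /\bor\s+false\b/i,
    // AND-based variants, used to confirm an injection point without
    // changing the result set
    /\band\s+(['"]?)(\w+)\1\s*=\s*\1\2\1/i,
    /\band\s+true\b/i,
    /\band\s+false\b/i,
    // Time-based blind injection primitives
    /\bsleep\s*\(/i,
    /\bbenchmark\s*\(/i,
    // T-SQL rather than MySQL; harmless to keep
    /\bwaitfor\s+delay/i,
    // Metadata and system schemas an attacker would read through a subquery
    /information_schema/i,
    /performance_schema/i,
    /mysql\./i,
    /\bsys\./i,
    // T-SQL command execution; not MySQL, kept as defence in depth
    /\bxp_cmdshell/i,
  ]

  // The message is intentionally generic so an attacker probing the endpoint
  // cannot learn which rule fired and tune the payload against it.
  if (dangerousPatterns.some((pattern) => pattern.test(where))) {
    throw new Error('WHERE clause contains potentially dangerous operation')
  }
}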
162
163export function sanitizeIdentifier(identifier: string): string {
164 if (identifier.includes('.')) {
