MCPcopy Index your code
hub / github.com/simstudioai/sim / validateWhereClause

Function validateWhereClause

apps/sim/app/api/tools/postgresql/utils.ts:79–121  ·  view source on GitHub ↗

* Validates a WHERE clause to prevent SQL injection attacks * @param where - The WHERE clause string to validate * @throws {Error} If the WHERE clause contains potentially dangerous patterns

(where: string)

Source from the content-addressed store, hash-verified

77 * @throws {Error} If the WHERE clause contains potentially dangerous patterns
78 */
79function validateWhereClause(where: string): void {
80 const dangerousPatterns = [
81 // DDL and DML injection via stacked queries
82 /;\s*(drop|delete|insert|update|create|alter|grant|revoke)/i,
83 // Union-based injection
84 /union\s+(all\s+)?select/i,
85 // File operations
86 /into\s+outfile/i,
87 /load_file\s*\(/i,
88 /pg_read_file/i,
89 // Comment-based injection (can truncate query)
90 /--/,
91 /\/\*/,
92 /\*\//,
93 // Tautologies - always true/false conditions using backreferences
94 // Matches OR 'x'='x' or OR x=x (same value both sides) but NOT OR col='value'
95 /\bor\s+(['"]?)(\w+)\1\s*=\s*\1\2\1/i,
96 /\bor\s+true\b/i,
97 /\bor\s+false\b/i,
98 // AND tautologies (less common but still used in attacks)
99 /\band\s+(['"]?)(\w+)\1\s*=\s*\1\2\1/i,
100 /\band\s+true\b/i,
101 /\band\s+false\b/i,
102 // Time-based blind injection
103 /\bsleep\s*\(/i,
104 /\bwaitfor\s+delay/i,
105 /\bpg_sleep\s*\(/i,
106 /\bbenchmark\s*\(/i,
107 // Stacked queries (any statement after semicolon)
108 /;\s*\w+/,
109 // Information schema / system catalog queries
110 /information_schema/i,
111 /pg_catalog/i,
112 // System functions and procedures
113 /\bxp_cmdshell/i,
114 ]
115
116 for (const pattern of dangerousPatterns) {
117 if (pattern.test(where)) {
118 throw new Error('WHERE clause contains potentially dangerous operation')
119 }
120 }
121}
122
123function sanitizeSingleIdentifier(identifier: string): string {
124 const cleaned = identifier.replace(/"/g, '')

Callers 2

executeUpdateFunction · 0.70
executeDeleteFunction · 0.70

Calls 1

testMethod · 0.80

Tested by

no test coverage detected