Skip to content

fix(security): SQL injection vulnerabilities in postgres_datastore.py#490

Open
deosha wants to merge 1 commit intoopenai:mainfrom
deosha:fix/sql-injection-postgres-datastore
Open

fix(security): SQL injection vulnerabilities in postgres_datastore.py#490
deosha wants to merge 1 commit intoopenai:mainfrom
deosha:fix/sql-injection-postgres-datastore

Conversation

@deosha
Copy link
Copy Markdown

@deosha deosha commented Jan 14, 2026

Summary

This PR fixes multiple SQL injection vulnerabilities in the PostgreSQL datastore provider.

The Problem

The delete_by_filters() method used f-string interpolation to build SQL queries with user-provided filter values:

if filter.document_id:
    filters += f" document_id = '{filter.document_id}' AND"
# ... same pattern for source, source_id, author, dates
cur.execute(f"DELETE FROM {table} {filters}")

An attacker could inject arbitrary SQL through any of these filter parameters.

The Fix

  1. Parameterized queries: Converted delete_by_filters() to use %s placeholders with parameter tuples
  2. Table/column validation: Added validation to ensure table and column names contain only alphanumeric characters and underscores
  3. Safety check: Added guard against accidental deletion when no filters specified

Security Impact

Before After
Arbitrary SQL execution via filter parameters All user input properly parameterized or validated

CWE Reference

  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Identified using aisentry, an AI/LLM security scanner for OWASP LLM Top 10 vulnerabilities.

fix(security): SQL injection vulnerabilities in postgres_datastore.py
4d4c24e 
This commit addresses multiple SQL injection vulnerabilities in the PostgreSQL
datastore provider identified by semantic taint analysis.

## Vulnerabilities Fixed

1. **delete_by_filters()** (Critical): Filter values were directly interpolated
   into SQL using f-strings, allowing SQL injection through document_id, source,
   source_id, author, start_date, or end_date parameters.

2. **upsert()**, **delete_like()**, **delete_in()**: Table and column names were
   used in f-strings without validation.

## Changes

- Converted delete_by_filters() to use parameterized queries with %s placeholders
- Added table/column name validation (alphanumeric + underscore only) to all methods
- Added safety check to prevent accidental deletion when no filters specified

## Security Impact

- Before: Attacker could execute arbitrary SQL via filter parameters
- After: All user input properly parameterized or validated

CWE-89: SQL Injection
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@deosha