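--- a/src/Databases/SQLite/DatabaseSQLite.cpp
+++ b/src/Databases/SQLite/DatabaseSQLite.cpp
@@ -16,6 +16,7 @@
 #include <Parsers/ASTFunction.h>
 #include <Storages/StorageSQLite.h>
 #include <Databases/SQLite/SQLiteUtils.h>
+#include <Common/quoteString.h>
 
 
 namespace DB
@@ -104,7 +105,7 @@ bool DatabaseSQLite::checkSQLiteTable(const String & table_name) const
 if (!sqlite_db)
 sqlite_db = openSQLiteDB(database_path, getContext(), /* throw_on_error */true);
 
-const String query = fmt::format("SELECT name FROM sqlite_master WHERE type='table' AND name='{}';", table_name);
+const String query = "SELECT name FROM sqlite_master WHERE type = 'table' AND name = " + quoteStringSQLite(table_name) + ";";
 
 auto callback_get_data = [](void * res, int, char **, char **) -> int
 {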
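Review bot: The lookup in checkSQLiteTable still builds the SQLite statement by string concatenation on the `quoteStringSQLite(table_name)` line, so the whole defense now rests on that helper doubling every embedded single quote; a prepared statement with `name = ?` and `sqlite3_bind_text` would take quoting out of the picture entirely and is the idiomatic SQLite fix. If the rest of the function (not visible in this hunk) runs the query through sqlite3_exec with the `callback_get_data` callback, moving to `sqlite3_prepare_v2`/`sqlite3_step` is a modest rewrite worth considering. At minimum, record the invariant at the call site: `// table_name comes from the user's query; quoteStringSQLite doubles embedded quotes so it cannot escape the literal`. checkSQLiteTable's body continues past the end of this hunk.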
13 changes: 8 additions & 5 deletions src/Interpreters/InterpreterShowColumnsQuery.cpp
Expand Up @@ -76,8 +76,8 @@ WITH map(
'String', '{}',
'FixedString', '{}') AS native_to_mysql_mapping,
)",
remap_string_as_text ? "TEXT" : "BLOB",
remap_fixed_string_as_text ? "TEXT" : "BLOB");
remap_string_as_text ? "TEXT" : "BLOB",
remap_fixed_string_as_text ? "TEXT" : "BLOB");

rewritten_query += R"(
splitByRegexp('\(|\)', type_) AS split,
Expand Down Expand Up @@ -127,7 +127,8 @@ SELECT
'' AS privileges )";
}

rewritten_query += fmt::format(R"(
rewritten_query += fmt::format(
R"(
-- need to rename columns of the base table to avoid "CYCLIC_ALIASES" errors
FROM (SELECT name AS name_,
database AS database_,
Expand All @@ -141,7 +142,9 @@ FROM (SELECT name AS name_,
FROM system.columns)
WHERE
database_ = '{}'
AND table_ = '{}' )", database, table);
AND table_ = '{}' )",
database,
table);

if (!query.like.empty())
{
Expand All @@ -152,7 +155,7 @@ WHERE
rewritten_query += "ILIKE ";
else
rewritten_query += "LIKE ";
rewritten_query += fmt::format("'{}'", query.like);
rewritten_query += quoteString(query.like);
}
else if (query.where_expression)
rewritten_query += fmt::format(" AND ({})", query.where_expression->formatWithSecretsOneLine());
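Review bot: The `database_ = '{}'` and `AND table_ = '{}' )", database, table);` lines on the new side still interpolate `database` and `table` into single-quoted literals via fmt::format, so the same break-out this patch fixes for `query.like` remains possible there if either identifier can carry a quote — and the SQLite test in this PR (`EXISTS TABLE ...\"a\' or name='table1\"`) shows that a table name can. They should go through the helper now used for the LIKE pattern: `database_ = {}`, `AND table_ = {} )",`, `quoteString(database), quoteString(table));`. Whether these two strings are raw identifiers from the AST or already-validated names is not visible in the hunk, so confirm against the code that sets them, but quoting them is harmless either way. The enclosing function starts and ends outside this hunk.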
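--- a/src/Interpreters/InterpreterShowFunctionsQuery.cpp
+++ b/src/Interpreters/InterpreterShowFunctionsQuery.cpp
@@ -5,6 +5,7 @@
 #include <Interpreters/InterpreterShowFunctionsQuery.h>
 #include <Interpreters/executeQuery.h>
 #include <Parsers/ASTShowFunctionsQuery.h>
+#include <Common/quoteString.h>
 
 namespace DB
 {
@@ -38,7 +39,7 @@ FROM {}.{})",
 {
 rewritten_query += " WHERE name ";
 rewritten_query += query.case_insensitive_like ? "ILIKE " : "LIKE ";
-rewritten_query += fmt::format("'{}'", query.like);
+rewritten_query += quoteString(query.like);
 }
 
 return rewritten_query;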
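Review bot: The reason for replacing `fmt::format("'{}'", query.like)` with `quoteString(query.like)` is not recorded at the call site, and the test added in this PR only exercises the LIKE branch, so a later refactor could reintroduce the format call without anything failing in review. Add a one-line comment above the append: `// quoteString escapes quotes and backslashes so a user-supplied pattern cannot break out of the string literal (see 03714_queries_escaping_2)`. The function containing this hunk begins above the visible lines.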
Empty file.
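--- a/tests/queries/0_stateless/03714_queries_escaping_1.sql
+++ b/tests/queries/0_stateless/03714_queries_escaping_1.sql
@@ -0,0 +1 @@
+show columns from a.b like 'a\' or 1=1;--'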
Empty file.
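--- a/tests/queries/0_stateless/03714_queries_escaping_2.sql
+++ b/tests/queries/0_stateless/03714_queries_escaping_2.sql
@@ -0,0 +1 @@
+show functions like 'a\' or 1=1;--'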
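--- a/tests/queries/0_stateless/03714_queries_escaping_3.reference
+++ b/tests/queries/0_stateless/03714_queries_escaping_3.reference
@@ -0,0 +1,2 @@
+1
+0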
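--- a/tests/queries/0_stateless/03714_queries_escaping_3.sh
+++ b/tests/queries/0_stateless/03714_queries_escaping_3.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+# Tags: no-fasttest, no-parallel
+# no-parallel: dealing with an SQLite database makes concurrent SHOW TABLES queries fail sporadically with the "database is locked" error.
+
+CUR_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
+# shellcheck source=../shell_config.sh
+. "$CUR_DIR"/../shell_config.sh
+
+export CURR_DATABASE="test_03714_sqllite_${CLICKHOUSE_DATABASE}"
+
+DB_PATH=${USER_FILES_PATH}/${CURR_DATABASE}_db1
+
+function cleanup()
+{
+${CLICKHOUSE_CLIENT} --query="DROP DATABASE IF EXISTS ${CURR_DATABASE}"
+}
+trap cleanup EXIT
+
+
+sqlite3 "${DB_PATH}" 'DROP TABLE IF EXISTS table1'
+
+sqlite3 "${DB_PATH}" 'CREATE TABLE table1 (col1 text, col2 smallint);'
+
+chmod ugo+w "${DB_PATH}"
+
+sqlite3 "${DB_PATH}" "INSERT INTO table1 VALUES ('line1', 1), ('line2', 2), ('line3', 3)"
+
+${CLICKHOUSE_CLIENT} --query="CREATE DATABASE ${CURR_DATABASE} ENGINE = SQLite('${DB_PATH}')"
+
+${CLICKHOUSE_CLIENT} --query="EXISTS TABLE ${CURR_DATABASE}.table1;"
+${CLICKHOUSE_CLIENT} --query="EXISTS TABLE ${CURR_DATABASE}.\"a\' or name='table1\";"
+
+
+${CLICKHOUSE_CLIENT} --query="DROP DATABASE IF EXISTS ${CURR_DATABASE}"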
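Review bot: cleanup() only drops the ClickHouse database; the SQLite file created at `${DB_PATH}` under the user files directory, which the `chmod ugo+w` line also makes world-writable, is left on disk after the test, so a rerun starts from stale state and the writable file lingers. Add `rm -f "${DB_PATH}"` to cleanup() after the DROP DATABASE so the trap removes it on both success and failure. The `0` expected for the injected table name is the right assertion for this fix, since the quoted literal `'a'' or name=''table1'` no longer matches table1.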