Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.databases.postgresql > #847
| Path | csiph.com!eternal-september.org!feeder.eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail |
|---|---|
| From | sten.unto@gmail.com (Unto Sten) |
| Newsgroups | comp.databases.postgresql |
| Subject | plpgsql function SQL injection vulnerability? |
| Date | Thu, 25 Oct 2018 17:11:17 -0000 (UTC) |
| Organization | A noiseless patient Spider |
| Lines | 31 |
| Sender | <untosten@localhost.localdomain> |
| Message-ID | <pqstfl$bse$1@dont-email.me> (permalink) |
| Injection-Date | Thu, 25 Oct 2018 17:11:17 -0000 (UTC) |
| Injection-Info | reader02.eternal-september.org; posting-host="ebd7f3eb21d074b9e4b6e31cedd35ffd"; logging-data="12174"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/Q3cLCx9AZIfy4rnlB2y02rmmMd9GVFzU=" |
| User-Agent | tin/2.4.2-20171224 ("Lochhead") (UNIX) (Linux/4.18.11-200.fc28.x86_64 (x86_64)) |
| Cancel-Lock | sha1:Q0b9cbSNzPkDODKXaVkncX3mVdo= |
| Xref | csiph.com comp.databases.postgresql:847 |
Show key headers only | View raw
Hello! I have a question that is probably easy for the PostgreSQL experts. Consider a simple function: ################################### CREATE OR REPLACE FUNCTION search_for_address(re TEXT) RETURNS TABLE(line VARCHAR) AS $$ BEGIN RETURN QUERY SELECT k.line FROM kdata k WHERE k.line ~* re ORDER BY k.line ASC LIMIT 100; END; $$ LANGUAGE plpgsql SECURITY DEFINER; ################################### Is this function vulnerable to SQL injection attacks via input 're TEXT' or does the PG parser prevent it in these plpgsql functions? To be safe, I do input validation before calling search_for_address(re TEXT) but I would like to know the truth here. If the function is vulnerable, could you please provide an exact string to prove it? Thanks. I have tried to attack it, but my attempts failed. Best regards, Unto Sten
Back to comp.databases.postgresql | Previous | Next — Next in thread | Find similar
plpgsql function SQL injection vulnerability? sten.unto@gmail.com (Unto Sten) - 2018-10-25 17:11 +0000
Re: plpgsql function SQL injection vulnerability? George Neuner <gneuner2@comcast.net> - 2018-10-26 00:47 -0400
Re: plpgsql function SQL injection vulnerability? Laurenz Albe <laurenz@nospam.pn> - 2018-10-26 12:47 +0000
Re: plpgsql function SQL injection vulnerability? sten.unto@gmail.com (Unto Sten) - 2018-10-26 19:06 +0000
Re: plpgsql function SQL injection vulnerability? sten.unto@gmail.com (Unto Sten) - 2018-10-26 19:08 +0000
csiph-web