Fix SQL injection in SQL Agent plugin via parameterized queries

Replace string concatenation with parameterized queries in all database connectors to prevent SQL injection through LLM-generated table names. Changes: - PostgreSQL: Use $1, $2 placeholders with pg client parameterization - MySQL: Use ? placeholders with mysql2 execute() prepared statements - MSSQL: Use @p0 placeholders with request.input() parameterization - Update handlers to support parameterized query objects - Add formatQueryForDisplay() for logging parameterized queries Security: Mitigates potential SQL injection when LLM passes unsanitized user input as table_name parameter to getTableSchemaSql/getTablesSql. GHSA-jwjx-mw2p-5wc7
2026-04-30 19:37:27 +02:00 · 2026-03-12 21:56:57 -07:00
parent 9e2d144dc8
commit 334ce052f0
5 changed files with 81 additions and 17 deletions
--- a/server/utils/agents/aibitat/plugins/sql-agent/SQLConnectors/MSSQL.js
+++ b/server/utils/agents/aibitat/plugins/sql-agent/SQLConnectors/MSSQL.js
@@ -62,14 +62,19 @@ class MSSQLConnector {
  /**
   *
   * @param {string} queryString the SQL query to be run
+   * @param {Array} params optional parameters for prepared statement
   * @returns {Promise<import(".").QueryResult>}
   */
-  async runQuery(queryString = "") {
+  async runQuery(queryString = "", params = []) {
    const result = { rows: [], count: 0, error: null };
    try {
      if (!this.#connected) await this.connect();

-      const query = await this._client.query(queryString);
+      const request = this._client.request();
+      params.forEach((value, index) => {
+        request.input(`p${index}`, value);
+      });
+      const query = await request.query(queryString);
      result.rows = query.recordset;
      result.count = query.rowsAffected.reduce((sum, a) => sum + a, 0);
    } catch (err) {
@@ -99,7 +104,10 @@ class MSSQLConnector {
  }

  getTableSchemaSql(table_name) {
-    return `SELECT COLUMN_NAME,COLUMN_DEFAULT,IS_NULLABLE,DATA_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='${table_name}'`;
+    return {
+      query: `SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, DATA_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = @p0`,
+      params: [table_name],
+    };
  }
 }

--- a/server/utils/agents/aibitat/plugins/sql-agent/SQLConnectors/MySQL.js
+++ b/server/utils/agents/aibitat/plugins/sql-agent/SQLConnectors/MySQL.js
@@ -30,13 +30,17 @@ class MySQLConnector {
  /**
   *
   * @param {string} queryString the SQL query to be run
+   * @param {Array} params optional parameters for prepared statement
   * @returns {Promise<import(".").QueryResult>}
   */
-  async runQuery(queryString = "") {
+  async runQuery(queryString = "", params = []) {
    const result = { rows: [], count: 0, error: null };
    try {
      if (!this.#connected) await this.connect();
-      const [query] = await this._client.query(queryString);
+      const [query] =
+        params.length > 0
+          ? await this._client.execute(queryString, params)
+          : await this._client.query(queryString);
      result.rows = query;
      result.count = query?.length;
    } catch (err) {
@@ -62,10 +66,17 @@ class MySQLConnector {
  }

  getTablesSql() {
-    return `SELECT table_name FROM information_schema.tables WHERE table_schema = '${this.database_id}'`;
+    return {
+      query: `SELECT table_name FROM information_schema.tables WHERE table_schema = ?`,
+      params: [this.database_id],
+    };
  }
+
  getTableSchemaSql(table_name) {
-    return `SHOW COLUMNS FROM ${this.database_id}.${table_name};`;
+    return {
+      query: `SELECT COLUMN_NAME, COLUMN_TYPE, IS_NULLABLE, COLUMN_KEY, COLUMN_DEFAULT, EXTRA FROM information_schema.columns WHERE table_schema = ? AND table_name = ?`,
+      params: [this.database_id, table_name],
+    };
  }
 }

--- a/server/utils/agents/aibitat/plugins/sql-agent/SQLConnectors/Postgresql.js
+++ b/server/utils/agents/aibitat/plugins/sql-agent/SQLConnectors/Postgresql.js
@@ -25,13 +25,14 @@ class PostgresSQLConnector {
  /**
   *
   * @param {string} queryString the SQL query to be run
+   * @param {Array} params optional parameters for prepared statement
   * @returns {Promise<import(".").QueryResult>}
   */
-  async runQuery(queryString = "") {
+  async runQuery(queryString = "", params = []) {
    const result = { rows: [], count: 0, error: null };
    try {
      if (!this.#connected) await this.connect();
-      const query = await this._client.query(queryString);
+      const query = await this._client.query(queryString, params);
      result.rows = query.rows;
      result.count = query.rowCount;
    } catch (err) {
@@ -57,10 +58,17 @@ class PostgresSQLConnector {
  }

  getTablesSql() {
-    return `SELECT * FROM pg_catalog.pg_tables WHERE schemaname = '${this.schema}'`;
+    return {
+      query: `SELECT * FROM pg_catalog.pg_tables WHERE schemaname = $1`,
+      params: [this.schema],
+    };
  }
+
  getTableSchemaSql(table_name) {
-    return ` select column_name, data_type, character_maximum_length, column_default, is_nullable from INFORMATION_SCHEMA.COLUMNS where table_name = '${table_name}' AND table_schema = '${this.schema}'`;
+    return {
+      query: `SELECT column_name, data_type, character_maximum_length, column_default, is_nullable FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = $1 AND table_schema = $2`,
+      params: [table_name, this.schema],
+    };
  }
 }