oss-sec mailing list archives
JSON-based SQL query construction (Sequelize as an example)
From: Florian Weimer <fweimer () redhat com>
Date: Wed, 20 May 2015 16:50:18 +0200
We came across an issue which could deserve some wider attention: JSON injection altering the structure of queries in certain ORM tools. <https://securityblog.redhat.com/2015/05/20/json-homoiconicity-and-database-access/> Already in July 2014, Kazuho Oku described a JSON injection issue in the SQL::Maker Perl package, discovered by his colleague Toshiharu Sugiyama: <http://blog.kazuhooku.com/2014/07/the-json-sql-injection-vulnerability.html> Additional SQL frameworks could be affected if they implement such queries and are used with JSON frameworks which produce dict/hash objects native to the programming language (so that they are indistinguishable from query expressions). -- Florian Weimer / Red Hat Product Security
Current thread:
- JSON-based SQL query construction (Sequelize as an example) Florian Weimer (May 20)