Skip to content

Commit

Permalink
fix: update SQL validation to handle 'col' column name
Browse files Browse the repository at this point in the history 
Co-Authored-By: Matt Wong <[email protected]>
  • Loading branch information
@devin-ai-integration @liquidaty
devin-ai-integration[bot] and liquidaty committed Dec 20, 2024
1 parent e53e760 commit 95073e7
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions app/utils/overwrite.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ enum zsv_status zsv_overwrite_next(void *h, struct zsv_overwrite_data *odata) {

static const char *get_safe_sql_query(sqlite3 *db, const char *user_sql) {
static const char *default_query =
"select row, column, value, timestamp, author from overwrites order by row, column";
"select row, col, value, timestamp, author from overwrites order by row, col";

// Handle NULL or empty input
if (!user_sql || !*user_sql)
Expand Down Expand Up @@ -164,7 +164,7 @@ static const char *get_safe_sql_query(sqlite3 *db, const char *user_sql) {

if (strcmp(col_name, "row") == 0)
has_row = 1;
else if (strcmp(col_name, "column") == 0)
else if (strcmp(col_name, "column") == 0 || strcmp(col_name, "col") == 0)
has_column = 1;
else if (strcmp(col_name, "value") == 0)
has_value = 1;
Expand Down

0 comments on commit 95073e7

Please sign in to comment.