|
<stránka
	xmlns="https://trac.frantovo.cz/xml-web-generator/wiki/xmlns/strana"
	xmlns:m="https://trac.frantovo.cz/xml-web-generator/wiki/xmlns/makro">

	<nadpis>Parametrized queries with Guile</nadpis>
	<perex>passing input parameters and avoiding code injections</perex>
	<m:pořadí-příkladu>01600</m:pořadí-příkladu>

	<text xmlns="http://www.w3.org/1999/xhtml">

|
		<p>
			<m:name/> are not only for ad-hoc commands: they can (and probably often should) be used to build reusable programs.
			Such a program is written once, stored as a shell script, shell function or alias, and then called many times.
		</p>

		<p>
			For example, we need a script that prints the records from our <code>fstab</code> that have a given filesystem type.
			We could do it this way:
		</p>

|
		<m:pre jazyk="bash"><![CDATA[fstab-where-type() {
	relpipe-in-fstab \
		| relpipe-tr-guile \
			--relation fstab \
			--where '(string= $type "'$1'")' \
		| relpipe-out-tabular;
}]]></m:pre>

|
		<p>It seems to work: if we call <code>fstab-where-type btrfs</code>, we get:</p>

|
		<m:pre jazyk="text"><![CDATA[fstab:
 ╭─────────────────┬──────────────────────────────────────┬──────────────────────┬───────────────┬──────────────────┬────────────────┬────────────────╮
 │ scheme (string) │ device (string)                      │ mount_point (string) │ type (string) │ options (string) │ dump (integer) │ pass (integer) │
 ├─────────────────┼──────────────────────────────────────┼──────────────────────┼───────────────┼──────────────────┼────────────────┼────────────────┤
 │ UUID            │ a2b5f230-a795-4f6f-a39b-9b57686c86d5 │ /home                │ btrfs         │ relatime         │              0 │              2 │
 ╰─────────────────┴──────────────────────────────────────┴──────────────────────┴───────────────┴──────────────────┴────────────────┴────────────────╯
Record count: 1]]></m:pre>

|
		<p>
			But it is fundamentally wrong. The input parameter is blindly pasted into the middle of the Guile code,
			so whoever controls the argument controls the code that runs
			(and, since <code>$1</code> is unquoted, the argument is also subject to word splitting and globbing).
			If we call e.g. <code>fstab-where-type 'ext4"'</code>, the stray double quote breaks the string literal and the program crashes terribly;
			a more carefully crafted argument would be evaluated as Guile code instead of being compared as a value.
			Do you remember SQL injections in your first PHP scripts when you were 14?
			Do you remember <a href="https://xkcd.com/327/">XKCD: Exploits of a Mom</a>?
			Don't do it again!
		</p>

		<p>
			The <code>relpipe-tr-guile</code> tool has a safe way to pass parameters in from the outside, and such parameters are even strongly typed.
			So this is how our program should be written:
		</p>

|
		<m:pre jazyk="bash"><![CDATA[fstab-where-type() {
	relpipe-in-fstab \
		| relpipe-tr-guile \
			--relation fstab \
			--define 'myRequestedType' string "$1" \
			--where '(string= $type myRequestedType)' \
		| relpipe-out-tabular;
}]]></m:pre>

|
		<p>
			So when we call <code>fstab-where-type 'ext4"'</code> again, there is no crash and no code injection.
			Just an empty relation is returned, because there is no record <code>WHERE type = 'ext4"'</code> (in SQL terms).
			The Guile expression stays constant; only the value bound to <code>myRequestedType</code> changes, and that value is never parsed as code.
		</p>

		<p>
			Now it is the same as a parametrized query in SQL:
		</p>

		<m:pre jazyk="sql"><![CDATA[SELECT * FROM fstab WHERE type = :myRequestedType;]]></m:pre>

		<p>
			with the <code>myRequestedType</code> parameter bound separately, so the value can never be mistaken for part of the query.
		</p>

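		<p>
			The SQL analogy above can be run end to end. The following is an added example, not code from the relpipe project: it loads a few constructed fstab rows into an in-memory SQLite table with the columns shown above and runs the query <code>SELECT * FROM fstab WHERE type = :myRequestedType</code> both ways. <code>where_type_unsafe</code> pastes the argument into the query text, exactly as the first shell function pasted <code>$1</code> into the Guile expression; <code>where_type_safe</code> binds it as a parameter, as <code>--define</code> does. A stray quote crashes the unsafe variant and a crafted argument makes it return every row, while the safe variant simply returns an empty result. The function names and the sample rows are assumptions made for this example.
		</p>

```python
import sqlite3

# Constructed sample rows modelled on the fstab relation printed above (example data, not a real fstab).
# Column order: scheme, device, mount_point, type, options, dump, pass
SAMPLE_FSTAB = [
    ("UUID", "a2b5f230-a795-4f6f-a39b-9b57686c86d5", "/home", "btrfs", "relatime", 0, 2),
    ("LABEL", "root", "/", "ext4", "errors=remount-ro", 0, 1),
    ("LABEL", "boot", "/boot", "ext4", "defaults", 0, 2),
    ("tmpfs", "tmpfs", "/tmp", "tmpfs", "nosuid,nodev", 0, 0),
]


def build_fstab_db():
    """Create an in-memory SQLite table with the columns of the fstab relation and load the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE fstab (scheme TEXT, device TEXT, mount_point TEXT, "
        "type TEXT, options TEXT, dump INTEGER, pass INTEGER)"
    )
    conn.executemany("INSERT INTO fstab VALUES (?, ?, ?, ?, ?, ?, ?)", SAMPLE_FSTAB)
    return conn


def where_type_unsafe(conn, requested_type):
    """SQL twin of the first shell function: the argument is spliced into the query text,
    so whoever controls requested_type controls the SQL that runs."""
    sql = f"SELECT * FROM fstab WHERE type = '{requested_type}'"
    return conn.execute(sql).fetchall()


def where_type_safe(conn, requested_type):
    """SQL twin of the --define version: the query text is a constant and the value travels
    separately as the :myRequestedType parameter, so it is only ever compared as data."""
    sql = "SELECT * FROM fstab WHERE type = :myRequestedType"
    return conn.execute(sql, {"myRequestedType": requested_type}).fetchall()


def compare(requested_type):
    """Run both variants on the same argument; returns (unsafe_outcome, safe_row_count).

    unsafe_outcome is a row count, or the string "error" when the spliced query fails to parse.
    A fresh database is built per call so the two variants see identical data."""
    conn = build_fstab_db()
    try:
        unsafe = len(where_type_unsafe(conn, requested_type))
    except sqlite3.OperationalError:
        unsafe = "error"
    safe = len(where_type_safe(conn, requested_type))
    conn.close()
    return unsafe, safe


if __name__ == "__main__":
    # "btrfs":        both variants find the one btrfs record.
    # "ext4'":        the stray quote leaves the spliced query unterminated; the bound variant returns no rows.
    # "x' OR '1'='1": the spliced WHERE clause becomes always true and every row leaks.
    for arg in ("btrfs", "ext4'", "x' OR '1'='1"):
        unsafe, safe = compare(arg)
        print(f"{arg!r:20} unsafe={unsafe!r:8} safe={safe}")
```

		<p>
			Note the roles of the quote characters: SQL delimits strings with <code>'</code> and Guile with <code>"</code>, so <code>ext4'</code> plays here the part that <code>ext4"</code> played in the shell function above. In both cases the only robust fix is the same: keep the program text constant and hand the value over through a channel that the interpreter never parses as code.
		</p>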
|

	</text>

</stránka>