AvailX / avail-wallet

An open source, private, self-custodial wallet. Built on the Aleo network.
https://avail.global
Apache License 2.0

Fix/sql queries backmerge #107

Open zklim opened 4 months ago

zklim commented 4 months ago

Back merge latest develop branch at Jun 21st and did app testing.

zklim commented 4 months ago

Hey @zklim Some pointers on the fix/sql-queries-backmerge

  • The below files still have the SQL vulnerability

    • src-tauri/src/services/local_storage/tokens.rs
    • src-tauri/src/services/local_storage/encrypted_data.rs
    • src-tauri/src/services/local_storage/storage_api/events.rs
    • src-tauri/src/services/local_storage/storage_api/records.rs
    • src-tauri/src/services/local_storage/storage_api/transaction.rs
  • Basically, any file that uses string formatting with format!(<SQL_QUERY>{}, <VARIABLE>) should be changed to pass the values through as arguments, as Zack did
  • Do a search for format!, and change it to the fix done by Zack using the execute_query_params() fn for the above-mentioned files
  • All SQL commands SHOULD NOT HAVE format!(<..>) in them; they should look like let query = "<SQL QUERY WITH ?1, ?2>"; and then call the execute_query_params(query, <PARAMS>); fn.

Not sure if I have to modify code for case like:

let query = format!(
    "SELECT balance_ciphertext, nonce FROM ARC20_tokens WHERE token_name='{}' ",
    token_name
);
let res = storage.get_all::<String>(&query, 2)?;

as storage.get_all() doesn't take parameters the way execute_query_params(query, <PARAMS>); does
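Worked example added by the editor (not code from the avail-wallet repository): a Python sqlite3 stand-in for the rusqlite pattern discussed in this thread. It runs the token_name query from the comment above in both forms, the format!-style string splice and the bound-parameter form that execute_query_params() is meant to enforce, against a constructed in-memory ARC20_tokens table, so the difference in what each returns for a crafted token_name is visible. It also implements the "search for format!" pointer as a small heuristic that reports format!( calls whose argument text contains an SQL keyword. The table layout, sample rows, and sample Rust snippet are constructed; execute_query_params() and get_all() themselves are not reproduced, and Python's `?` placeholder stands in for rusqlite's `?1`.

```python
import re
import sqlite3

# Constructed in-memory stand-in for the wallet's ARC20_tokens table (not the project's schema).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE ARC20_tokens (token_name TEXT, balance_ciphertext TEXT, nonce TEXT)"
    )
    conn.executemany(
        "INSERT INTO ARC20_tokens VALUES (?, ?, ?)",
        [("usdc", "ct_usdc", "nonce_usdc"), ("dai", "ct_dai", "nonce_dai")],
    )
    return conn


def get_balance_vulnerable(conn, token_name):
    # Mirrors the format!-built query in the comment: the value becomes part of the SQL text,
    # so a quote inside token_name changes the statement's structure.
    query = (
        "SELECT balance_ciphertext, nonce FROM ARC20_tokens "
        "WHERE token_name='{}' ".format(token_name)
    )
    return conn.execute(query).fetchall()


def get_balance_params(conn, token_name):
    # Mirrors the execute_query_params() shape: fixed SQL text with a placeholder,
    # the value is bound by the driver and can never be parsed as SQL.
    query = "SELECT balance_ciphertext, nonce FROM ARC20_tokens WHERE token_name=?"
    return conn.execute(query, (token_name,)).fetchall()


# Constructed crafted token_name that closes the quoted literal and appends a tautology.
CRAFTED_TOKEN_NAME = "' OR '1'='1"


def demo():
    """Run both query forms with a normal and a crafted token_name."""
    conn = make_db()
    return {
        "vuln_normal": get_balance_vulnerable(conn, "usdc"),
        "vuln_crafted": get_balance_vulnerable(conn, CRAFTED_TOKEN_NAME),
        "safe_normal": get_balance_params(conn, "usdc"),
        "safe_crafted": get_balance_params(conn, CRAFTED_TOKEN_NAME),
    }


# --- the "search for format!" pointer as a heuristic lint (constructed, hypothetical) ---
SQL_KEYWORD = re.compile(r"\b(SELECT|INSERT|UPDATE|DELETE|CREATE|DROP)\b", re.IGNORECASE)


def find_format_sql(rust_source):
    """Return the 1-based line numbers of format!( calls whose argument text contains
    an SQL keyword. Parentheses are matched naively, so quoted parens inside the SQL
    can throw the match off; this is a review aid, not a parser."""
    hits = []
    for m in re.finditer(r"format!\(", rust_source):
        depth, i = 1, m.end()
        while i < len(rust_source) and depth:
            depth += {"(": 1, ")": -1}.get(rust_source[i], 0)
            i += 1
        call = rust_source[m.start():i]
        if SQL_KEYWORD.search(call):
            hits.append(rust_source.count("\n", 0, m.start()) + 1)
    return hits


# Constructed Rust snippet: the pattern from the comment plus one harmless format! and
# one already-parameterised query, to show what the heuristic does and does not flag.
SAMPLE_RUST = """\
let query = format!(
    "SELECT balance_ciphertext, nonce FROM ARC20_tokens WHERE token_name='{}' ",
    token_name
);
let res = storage.get_all::<String>(&query, 2)?;
let label = format!("token {}", token_name);
let query = "SELECT id FROM records WHERE owner=?1";
"""


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
    print("format! with SQL on lines:", find_format_sql(SAMPLE_RUST))
```

The crafted name returns every row through the format! path and no rows through the bound-parameter path, which is the behaviour difference the review pointers are about. For a get_all()-style helper that takes only the query text, the fix is the same as for execute_query_params(): give the helper a parameter argument (rusqlite's query methods accept params alongside the SQL) rather than formatting the value into the string.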