FalkorDB / FalkorDB

A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation. Our goal is to provide the best Knowledge Graph for LLM (GraphRAG).
https://www.falkordb.com/

toJSON does not escape control characters #561

Open arnecs opened 7 months ago

arnecs commented 7 months ago

toJSON does not escape control characters and allows for JSON injection.

WITH "\\" as backslash, "\"" as quote
RETURN backslash, toJSON(backslash), quote, toJSON(quote)
1) 1) "backslash"
   2) "toJSON(backslash)"
   3) "quote"
   4) "toJSON(quote)"
2) 1) 1) "\"
      2) ""\""
      3) """
      4) """""

Expected result would escape the backslash and quote characters

2) 1) 1) "\"
        2) ""\\""
        3) """
        4) ""\"""
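The expected behaviour described in the issue, as an added example that is not FalkorDB's own code: a JSON string encoder that escapes backslash, double quote and every control character below U+0020 (RFC 8259 section 7), alongside a quote-only wrapper that reproduces the reported output and a small well-formedness check that tells the two apart. All names here are hypothetical; the inputs are the backslash and quote from the issue plus a constructed string containing a newline and a raw 0x01 byte.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Correct encoding: wrap in quotes and escape backslash, quote and
 * control characters. Returns a malloc'd buffer the caller frees. */
char *json_escape_string(const char *s) {
    size_t len = strlen(s);
    /* worst case every byte becomes \uXXXX (6 bytes), plus quotes and NUL */
    char *out = malloc(len * 6 + 3);
    if (!out) return NULL;
    char *p = out;
    *p++ = '"';
    for (const unsigned char *c = (const unsigned char *)s; *c; c++) {
        switch (*c) {
            case '"':  *p++ = '\\'; *p++ = '"';  break;
            case '\\': *p++ = '\\'; *p++ = '\\'; break;
            case '\b': *p++ = '\\'; *p++ = 'b';  break;
            case '\f': *p++ = '\\'; *p++ = 'f';  break;
            case '\n': *p++ = '\\'; *p++ = 'n';  break;
            case '\r': *p++ = '\\'; *p++ = 'r';  break;
            case '\t': *p++ = '\\'; *p++ = 't';  break;
            default:
                if (*c < 0x20) p += sprintf(p, "\\u%04x", *c); /* other controls */
                else           *p++ = (char)*c;
        }
    }
    *p++ = '"';
    *p = '\0';
    return out;
}

/* Quote-only wrapping with no escaping: this is the behaviour the issue
 * reports (toJSON("\\") -> "\" and toJSON("\"") -> """). */
char *json_wrap_unescaped(const char *s) {
    char *out = malloc(strlen(s) + 3);
    if (!out) return NULL;
    sprintf(out, "\"%s\"", s);
    return out;
}

/* Returns 1 if lit is a single well-formed JSON string literal: delimited
 * by quotes, no raw control characters, no unescaped quote, and every
 * backslash starting a valid escape sequence. */
int json_string_literal_is_valid(const char *lit) {
    size_t n = strlen(lit);
    if (n < 2 || lit[0] != '"' || lit[n - 1] != '"') return 0;
    for (size_t i = 1; i < n - 1; i++) {
        unsigned char c = (unsigned char)lit[i];
        if (c < 0x20) return 0;   /* raw control character */
        if (c == '"')  return 0;  /* unescaped quote terminates the literal early */
        if (c == '\\') {
            i++;
            if (i >= n - 1) return 0;  /* backslash escapes the closing quote */
            if (!strchr("\"\\/bfnrtu", lit[i])) return 0;
            if (lit[i] == 'u') {
                for (int k = 1; k <= 4; k++)
                    if (i + k >= n - 1 || !isxdigit((unsigned char)lit[i + k])) return 0;
                i += 4;
            }
        }
    }
    return 1;
}

int main(void) {
    const char *inputs[] = { "\\", "\"", "a\nb\x01" };  /* constructed inputs */
    for (size_t i = 0; i < 3; i++) {
        char *naive = json_wrap_unescaped(inputs[i]);
        char *good  = json_escape_string(inputs[i]);
        printf("unescaped: %-12s valid=%d | escaped: %-16s valid=%d\n",
               naive, json_string_literal_is_valid(naive),
               good,  json_string_literal_is_valid(good));
        free(naive);
        free(good);
    }
    return 0;
}
```

The validity check is what a consumer of `toJSON` output effectively relies on: a quote-wrapped value that contains its own delimiter lets the caller's surrounding JSON structure be closed and re-opened, which is the injection the issue describes.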