Closed sliedes closed 3 years ago
```python
import redis
from redisgraph import Node, Edge, Graph

r = redis.Redis(host='localhost')
redis_graph = Graph('bug', r)

# The property value is a single double-quote character
node = Node(label='test', properties={'foo': '"'})
redis_graph.add_node(node)
redis_graph.commit()
```
```
$ ./bug.py
Traceback (most recent call last):
  File "./bug.py", line 11, in <module>
    redis_graph.commit()
  File "/home/sliedes/.virtualenvs/torch/lib/python3.7/site-packages/redisgraph/graph.py", line 96, in commit
    return self.query(query)
  File "/home/sliedes/.virtualenvs/torch/lib/python3.7/site-packages/redisgraph/graph.py", line 130, in query
    response = self.redis_con.execute_command("GRAPH.QUERY", self.name, q, "--compact")
  File "/home/sliedes/.virtualenvs/torch/lib/python3.7/site-packages/redis/client.py", line 901, in execute_command
    return self.parse_response(conn, command_name, **options)
  File "/home/sliedes/.virtualenvs/torch/lib/python3.7/site-packages/redis/client.py", line 915, in parse_response
    response = connection.read_response()
  File "/home/sliedes/.virtualenvs/torch/lib/python3.7/site-packages/redis/connection.py", line 756, in read_response
    raise response
redis.exceptions.ResponseError: errMsg: Invalid input at end of input: expected " line: 1, column: 32, offset: 31 errCtx: CREATE (rffqaxqlml:test{foo:"}) errCtxOffset: 31
```
Besides being a nuisance, I assume this allows injection attacks.
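The `errCtx` in the report shows the property value reaching the Cypher text unescaped. As an added example (not code from the issue or from redisgraph-py), the sketch below compares a hypothetical unescaped literal builder with one that escapes backslashes and double quotes, then checks that every property value comes back as exactly one string literal. All function names and sample values are constructed for illustration.

```python
def naive_literal(value: str) -> str:
    # Hypothetical unescaped builder: pastes the value between quotes unchanged.
    return '"' + value + '"'


def escaped_literal(value: str) -> str:
    # Escape the backslash first, then the double quote, so the value
    # can neither end the literal early nor swallow the closing quote.
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def build_create(alias, label, props, literal):
    # Same query shape as the errCtx in the report: CREATE (alias:label{key:"value"})
    body = ",".join(f"{key}:{literal(val)}" for key, val in props.items())
    return f"CREATE ({alias}:{label}{{{body}}})"


def string_literals(query):
    """Decode every double-quoted literal; return None if one is unterminated."""
    found, i = [], 0
    while i < len(query):
        if query[i] != '"':
            i += 1
            continue
        i += 1                      # step past the opening quote
        buf = []
        while i < len(query) and query[i] != '"':
            if query[i] == "\\" and i + 1 < len(query):
                i += 1              # keep the escaped character, drop the backslash
            buf.append(query[i])
            i += 1
        if i >= len(query):
            return None             # ran off the end: the parser error from the report
        found.append("".join(buf))
        i += 1                      # step past the closing quote
    return found


def round_trips(props, literal):
    # Safe only if the query holds exactly the values that were passed in.
    query = build_create("n", "test", props, literal)
    return string_literals(query) == list(props.values())
```

A value that fails `round_trips` either breaks the query, as in the traceback, or changes its structure, which is the injection concern raised in the report.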