diff --git a/lib/sanitize.sh b/lib/sanitize.sh
index 1673f6d..f367216 100644
--- a/lib/sanitize.sh
+++ b/lib/sanitize.sh
@@ -165,6 +165,17 @@ sanitize_email() {
 echo "$sanitized"
 }
 
+# Sanitize database/table names
+sanitize_database_name() {
+ local name="$1"
+
+ # Database names should only contain alphanumeric and underscores
+ local sanitized
+ sanitized=$(echo "$name" | sed 's/[^a-zA-Z0-9_]//g' | sed 's/^[0-9]/_&/')
+
+ echo "$sanitized"
+}
+
 # Main sanitization function - sanitizes all environment variables
 sanitize_inputs() {
 log_debug "Sanitizing input parameters..."
@@ -293,10 +304,10 @@ sanitize_inputs() {
 log_debug "Sanitized CLICKHOUSE_URL: $CLICKHOUSE_URL"
 fi
 
- # if [[ -n "${CLICKHOUSE_DATABASE:-}" ]]; then
- # CLICKHOUSE_DATABASE=$(sanitize_database_name "$CLICKHOUSE_DATABASE")
- # log_debug "Sanitized CLICKHOUSE_DATABASE: $CLICKHOUSE_DATABASE"
- # fi
+ if [[ -n "${CLICKHOUSE_DATABASE:-}" ]]; then
+ CLICKHOUSE_DATABASE=$(sanitize_database_name "$CLICKHOUSE_DATABASE")
+ log_debug "Sanitized CLICKHOUSE_DATABASE: $CLICKHOUSE_DATABASE"
+ fi
 
 if [[ -n "${CLICKHOUSE_USERNAME:-}" ]]; then
 CLICKHOUSE_USERNAME=$(sanitize_string "$CLICKHOUSE_USERNAME" 100)
diff --git a/license-mappings.json b/license-mappings.json
index d94c69c..3d1b54f 100644
--- a/license-mappings.json
+++ b/license-mappings.json
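Review bot: sanitize_database_name in the first hunk silently rewrites an invalid name instead of failing, so a value such as `prod-db` comes back as a different, possibly existing, identifier (`proddb`), and an input made only of disallowed characters comes back as an empty string that the uncommented caller in the second hunk then assigns to CLICKHOUSE_DATABASE with no further check. That differs from sanitize_email, which the test/simple.bats hunk shows exiting 1 with "Invalid email format" on bad input; if rewriting is the intended contract, say so in the header comment and at least log when the value changed so a mis-targeted database is visible in the debug output. Two smaller points on the same line: `echo "$name"` treats a name such as `-n` as an option (use `printf '%s\n' "$name"`), and the `a-zA-Z` ranges in sed are locale dependent unless sed runs under `LC_ALL=C`. The second hunk is inside sanitize_inputs, whose body starts and ends outside the hunk.
```shell
sanitize_database_name() {
  local name="$1"
  local sanitized
  # printf rather than echo so a name such as "-n" is not parsed as an option;
  # LC_ALL=C keeps the a-z/A-Z ranges byte-wise whatever the caller's locale
  sanitized=$(printf '%s\n' "$name" | LC_ALL=C sed -e 's/[^a-zA-Z0-9_]//g' -e 's/^[0-9]/_&/')
  # make the rewrite visible: callers cannot otherwise tell a changed name from an unchanged one
  if [[ "$sanitized" != "$name" ]]; then
    log_debug "sanitize_database_name: rewrote '$name' to '$sanitized'"
  fi
  echo "$sanitized"
}
```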
@@ -166,6 +166,28 @@
 "github.com/aws/smithy-go": "Apache-2.0",
 "github.com/aymanbagabas/go-osc52/v2": "MIT",
 "github.com/aymerick/douceur": "MIT",
+ "github.com/bahlo/generic-list-go": "BSD-3-Clause",
+ "github.com/baidubce/bce-sdk-go": "Apache-2.0",
+ "github.com/bboreham/go-loser": "Apache-2.0",
+ "github.com/benbjohnson/clock": "MIT",
+ "github.com/beorn7/perks": "MIT",
+ "github.com/bkielbasa/cyclop": "MIT",
+ "github.com/blang/semver/v4": "MIT",
+ "github.com/blizzy78/varnamelen": "MIT",
+ "github.com/bmatcuk/doublestar/v4": "MIT",
+ "github.com/bombsimon/logrusr/v2": "MIT",
+ "github.com/bombsimon/wsl/v4": "MIT",
+ "github.com/bradleyfalzon/ghinstallation/v2": "Apache-2.0",
+ "github.com/braintree/manners": "MIT",
+ "github.com/breml/bidichk": "MIT",
+ "github.com/breml/errchkjson": "MIT",
+ "github.com/briandowns/spinner": "Apache-2.0",
+ "github.com/bufbuild/protocompile": "Apache-2.0",
+ "github.com/buger/jsonparser": "MIT",
+ "github.com/butuzov/ireturn": "MIT",
+ "github.com/butuzov/mirror": "MIT",
+ "github.com/bytedance/sonic": "Apache-2.0",
+ "github.com/bytedance/sonic/loader": "Apache-2.0",
 "github.com/Azure/azure-amqp-common-go/v3": "MIT",
 "github.com/Azure/azure-pipeline-go": "MIT",
 "github.com/Azure/azure-sdk-for-go-extensions": "MIT",
diff --git a/test/simple.bats b/test/simple.bats
index f03155f..36cc886 100644
--- a/test/simple.bats
+++ b/test/simple.bats
@@ -665,3 +665,45 @@ EOF
 [ "$status" -eq 1 ]
 [[ "$output" == *"Invalid email format"* ]]
 }
+
+# Test 73: sanitize_email accepts valid name
+@test "sanitize_database_name accepts valid name" {
+ run sanitize_database_name "test_database"
+ [ "$status" -eq 0 ]
+ [[ "$output" == "test_database" ]]
+}
+
+# Test 74: sanitize_database_name accepts name with underscores
+@test "sanitize_database_name accepts name starting with underscore" {
+ run sanitize_database_name "_test_database"
+ [ "$status" -eq 0 ]
+ [[ "$output" == "_test_database" ]]
+}
+
+# Test 75: sanitize_database_name accepts name with numbers
+@test "sanitize_database_name accepts name with numbers" {
+ run sanitize_database_name "test_database_123"
+ [ "$status" -eq 0 ]
+ [[ "$output" == "test_database_123" ]]
+}
+
+# Test 76: sanitize_database_name removes dangerous characters
+@test "sanitize_database_name removes dangerous characters" {
+ run sanitize_database_name "test-database.name"
+ [ "$status" -eq 0 ]
+ [[ "$output" == "testdatabasename" ]]
+}
+
+# Test 77: sanitize_database_name rejects name with starting with number
+@test "sanitize_database_name rejects name starting with number" {
+ run sanitize_database_name "1test_database"
+ [ "$status" -eq 0 ]
+ [[ "$output" == "_1test_database" ]]
+}
+
+# Test 78: sanitize_database_name rejects name with spaces
+@test "sanitize_database_name rejects name with spaces" {
+ run sanitize_database_name "test database"
+ [ "$status" -eq 0 ]
+ [[ "$output" == "testdatabase" ]]
+}
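Review bot: The labels in this hunk do not describe what the assertions check: the comment above test 73 names `sanitize_email`, and tests 77 and 78 are titled "rejects …" while asserting status 0 and a rewritten value. Rename them to what they actually pin, e.g. `@test "sanitize_database_name prefixes underscore when name starts with number"` and `@test "sanitize_database_name strips spaces"`, and change the comment to `# Test 73: sanitize_database_name accepts valid name`. The set also has no case for an input made entirely of disallowed characters, which going by the sed pipeline in lib/sanitize.sh yields an empty string; that boundary is the one most worth pinning for a value that sanitize_inputs later assigns to CLICKHOUSE_DATABASE.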