Add basic mitigation against postgres queries injecting to trigger writes or other dangerous actions#1889
Merged
pcarleton merged 1 commit intomodelcontextprotocol:mainfrom May 29, 2025
Merged
Conversation
Contributor
Author
…ites or other dangerous actions Co-authored-by: Santiago Mola <santiago.mola@datadoghq.com>
pcarleton
approved these changes
May 28, 2025
Member
pcarleton
left a comment
pcarleton
left a comment
There was a problem hiding this comment.
LGTM
A test would be awesome to verify, but given there aren't tests already, i'm good w/ merging this as is.
Contributor
Author
|
Yeah, I had experimented with adding a test for this, but ended up deciding it took a bit too much setup (i.e. setting up docker to run postgres) to be worth it here. |
PazerOP
referenced
this pull request
in PazerOP/mcp-template
Jul 15, 2025
…ites or other dangerous actions (#1889) Co-authored-by: Santiago Mola <santiago.mola@datadoghq.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This mitigates the trick of injecting
COMMITandENDto bypass the read-only restrictions. I believe this should fully fix the issue, but I added a warning to encourage people to also enforce this through postgres permissions.Note: This is based on the approach used by @smola here, so thank you Santiago for the idea of using a parameterized query to accomplish this.