apply security patch: v11.2.x/182-202409301509.patch
commit a5445cf0c8e05c807cc2c77eac9fd1cc06cf83aa Author: Scott Lepper <scott.lepper@gmail.com> Date: Mon Sep 30 11:08:17 2024 -0400 disable sql expressions
This commit is contained in:
github-actions[bot]
committed by
joshhunt
joshhunt
parent
086b47f098
commit
8ab94e1553
@@ -8,7 +8,6 @@ import (
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/jeremywohl/flatten"
|
||||
"github.com/scottlepp/go-duck/duck"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -21,7 +20,7 @@ var logger = log.New("sql_expr")
|
||||
|
||||
// TablesList returns a list of tables for the sql statement
|
||||
func TablesList(rawSQL string) ([]string, error) {
|
||||
duckDB := duck.NewInMemoryDB()
|
||||
duckDB := NewInMemoryDB()
|
||||
rawSQL = strings.Replace(rawSQL, "'", "''", -1)
|
||||
cmd := fmt.Sprintf("SELECT json_serialize_sql('%s')", rawSQL)
|
||||
ret, err := duckDB.RunCommands([]string{cmd})
|
||||
|
||||
Reference in New Issue
Block a user