Skip to content

[Bug]: csv_sql SQL injection risk with special characters in filenames #2099

Description

@jaffarkeikei

Description

The csv_sql tool uses f-string formatting to construct SQL queries with the file path, which could lead to SQL injection or query errors if filenames contain special characters.

Current behavior

# Line 265 in csv_tool.py
con.execute(f"CREATE TABLE data AS SELECT * FROM read_csv_auto('{secure_path}')")

While secure_path comes from get_secure_path() (which prevents path traversal), filenames with single quotes, backslashes, or other SQL special characters can break the query or potentially allow SQL injection in the DuckDB context.

Steps to reproduce

  1. Create a CSV file with a filename containing a single quote: test'file.csv
  2. Try to query it with csv_sql:
csv_sql(
    path="test'file.csv",
    workspace_id="test",
    agent_id="test",
    session_id="test",
    query="SELECT * FROM data"
)
# Results in SQL error: unterminated string literal

Expected behavior

The tool should safely handle filenames with special characters by using parameterized queries or proper SQL escaping.

Environment

  • File: tools/src/aden_tools/tools/csv_tool/csv_tool.py:265

Suggested fix

Use DuckDB's parameterized query support or read_csv_auto() with proper escaping:

# Option 1: Use DuckDB's parameter binding (if supported)
con.execute("CREATE TABLE data AS SELECT * FROM read_csv_auto(?)", [secure_path])

# Option 2: Escape single quotes
safe_path = secure_path.replace("'", "''")
con.execute(f"CREATE TABLE data AS SELECT * FROM read_csv_auto('{safe_path}')")

Happy to submit a PR for this!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions