sneak/vaultik
1
0
Fork 0
Code Issues 25 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

Compare commits

base: sneak:fix/issue-27
Branches Tags
sneak:main
sneak:fix/issue-29
sneak:fix/issue-28
sneak:fix/issue-27
sneak:fix/issue-26
sneak:fix/issue-25
sneak:feature/restore-progress-bar
sneak:feat/restore-progress-bar
sneak:fix/restore-error-handling
sneak:feature/pluggable-storage-backend
..
compare: sneak:main
Branches Tags
sneak:fix/issue-29
sneak:fix/issue-28
sneak:fix/issue-27
sneak:fix/issue-26
sneak:fix/issue-25
sneak:feature/restore-progress-bar
sneak:feat/restore-progress-bar
sneak:fix/restore-error-handling
sneak:main
sneak:feature/pluggable-storage-backend

No commits in common. "fix/issue-27" and "main" have entirely different histories.
fix/issue- ... main

1 changed files with 1 additions and 15 deletions
Show Stats Expand all files Collapse all files

16
internal/vaultik/snapshot.go
View File

@ -1126,26 +1126,12 @@ func (v *Vaultik) PruneDatabase() (*PruneResult, error) {
return result, nil return result, nil
} }
// validTableNames is the allowlist of table names that can be counted. // getTableCount returns the count of rows in a table
var validTableNames = map[string]bool{
"files": true,
"chunks": true,
"blobs": true,
"uploads": true,
"snapshots": true,
}
// getTableCount returns the count of rows in a table.
// The tableName must be in the validTableNames allowlist to prevent SQL injection.
func (v *Vaultik) getTableCount(tableName string) (int64, error) { func (v *Vaultik) getTableCount(tableName string) (int64, error) {
if v.DB == nil { if v.DB == nil {
return 0, nil return 0, nil
} }
if !validTableNames[tableName] {
return 0, fmt.Errorf("invalid table name: %q", tableName)
}
var count int64 var count int64
query := fmt.Sprintf("SELECT COUNT(*) FROM %s", tableName) query := fmt.Sprintf("SELECT COUNT(*) FROM %s", tableName)
err := v.DB.Conn().QueryRowContext(v.ctx, query).Scan(&count) err := v.DB.Conn().QueryRowContext(v.ctx, query).Scan(&count)