Open
Description:
In MintManager.kt, there's usage of uri.rawQuery that could potentially be vulnerable to injection if user input reaches this code path.

Location:
app/src/main/java/com/electricdreams/numo/core/util/MintManager.kt

Code:
```kotlin
val query = uri.rawQuery?.let { "?$it" } ?: ""
```

Risk:
If user-controlled input can influence the URI, this could lead to injection attacks.
Fix Instructions:
- Validate and sanitize query parameters:
```kotlin
val query = uri.rawQuery?.let { rawQuery ->
    // Validate query parameters
    if (isValidQuery(rawQuery)) {
        "?$rawQuery"
    } else {
        "" // Or throw exception for invalid input
    }
} ?: ""

private fun isValidQuery(query: String): Boolean {
    // Implement validation logic
    return query.matches(Regex("[a-zA-Z0-9&=_%.-]*"))
}
```
- Consider using URI builder for safer construction:
```kotlin
val cleanUri = Uri.Builder()
    .scheme(uri.scheme)
    .authority(uri.authority)
    .path(uri.path)
    .build()
```

Priority: Medium-High (security-related)
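As an added example (not code from the Numo project or from this issue), the following Kotlin combines the two suggestions above into one check: it takes a `java.net.URI` (assumed, since `rawQuery` is that class's accessor), keeps only allowlisted parameter names (the names in `ALLOWED_QUERY_PARAMS` are hypothetical placeholders for whatever MintManager actually expects) and re-encodes every kept key and value, so a value containing `&`, `=` or `#` cannot add or alter parameters in the rebuilt query string.

```kotlin
import java.net.URI
import java.net.URLDecoder
import java.net.URLEncoder

// Hypothetical allowlist: replace with the parameter names MintManager really consumes.
private val ALLOWED_QUERY_PARAMS = setOf("amount", "unit")

// Splits a raw (still percent-encoded) query into decoded key/value pairs.
// Pairs without '=' get an empty value; empty segments ("a=1&&b=2") are skipped.
fun parseQuery(rawQuery: String?): List<Pair<String, String>> {
    if (rawQuery.isNullOrEmpty()) return emptyList()
    return rawQuery.split('&').filter { it.isNotEmpty() }.map { segment ->
        val idx = segment.indexOf('=')
        val key = if (idx >= 0) segment.substring(0, idx) else segment
        val value = if (idx >= 0) segment.substring(idx + 1) else ""
        URLDecoder.decode(key, "UTF-8") to URLDecoder.decode(value, "UTF-8")
    }
}

// Rebuilds the "?..." suffix in the shape MintManager uses ("" when nothing survives).
// Unknown parameter names are dropped; kept names and values are re-encoded, so the
// decoded '&' or '=' inside a value comes back out as %26 / %3D and stays inside that value.
fun sanitizedQuery(uri: URI): String {
    val kept = parseQuery(uri.rawQuery)
        .filter { (key, _) -> key in ALLOWED_QUERY_PARAMS }
        .joinToString("&") { (key, value) ->
            URLEncoder.encode(key, "UTF-8") + "=" + URLEncoder.encode(value, "UTF-8")
        }
    return if (kept.isEmpty()) "" else "?$kept"
}

fun main() {
    // Constructed input: an allowlisted value that smuggles "&admin=true",
    // plus a "debug" parameter that is not on the allowlist.
    val input = URI("https://mint.example/v1/info?amount=21%26admin%3Dtrue&unit=sat&debug=1")
    println("raw:       " + (input.rawQuery?.let { "?$it" } ?: ""))
    println("sanitized: " + sanitizedQuery(input))

    // A URI with no query at all still yields the empty string, as the original expression does.
    println("no query:  '" + sanitizedQuery(URI("https://mint.example/v1/info")) + "'")
}
```

`URLEncoder` is form-encoding (spaces become `+`); if the mint endpoint expects `%20` instead, swap in `Uri.Builder.appendQueryParameter` on Android, which performs the same per-value encoding for `android.net.Uri`.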