RepoMirrors/postgres_exporter
1
0
Fork 0
mirror of https://github.com/prometheus-community/postgres_exporter synced 2025-04-20 14:05:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Escape Identifier when building up SQL dynamically

Browse Source 
Signed-off-by: Feike Steenbergen <feike@timescale.com>
This commit is contained in:
Feike Steenbergen 2022-06-02 08:37:49 +02:00
parent 1b492a6c59
commit 1e9b19da84
No known key found for this signature in database
GPG Key ID: BE67E84EF3533CA4
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/postgres_exporter/namespace.go
View File

@ -43,9 +43,7 @@ func queryNamespaceMapping(server *Server, namespace string, mapping MetricMapNa
var err error
if !found {
// I've no idea how to avoid this properly at the moment, but this is
// an admin tool so you're not injecting SQL right?
rows, err = server.db.Query(fmt.Sprintf("SELECT * FROM %s;", namespace)) // nolint: gas
rows, err = server.db.Query(fmt.Sprintf("SELECT * FROM %s;", pq.QuoteIdentifier(namespace))) // nolint: gas
} else {
rows, err = server.db.Query(query)
}