aminghadersohi opened a new pull request, #37411: URL: https://github.com/apache/superset/pull/37411
## Summary

Fixes critical security vulnerabilities in the MCP service's SQL validation:

- **Engine mismatch**: `validate_sql_query` hardcoded `"sqlite"` for blocklist lookup instead of using `database.backend`, so PostgreSQL/MySQL function blocklists were never applied
- **No table blocklist**: Users could query system catalog tables (`pg_stat_activity`, `pg_roles`, `pg_settings`, etc.) exposing sensitive infrastructure data
- **Weak DML detection**: Used `startswith` string check instead of AST-based mutation detection

### Changes

1. **`superset/config.py`**: Added `DISALLOWED_SQL_TABLES` config with per-engine table blocklists (PostgreSQL, MySQL, MSSQL system catalogs)
2. **`superset/exceptions.py`**: Added `SupersetDisallowedSQLTableException`
3. **`superset/sql/parse.py`**: Added `check_tables_present()` to `SQLStatement` and `SQLScript` classes using sqlglot AST (handles case-insensitivity, schema-qualified names, excludes CTE aliases)
4. **`superset/sql_lab.py`**: Added table validation after existing function check
5. **`superset/mcp_service/sql_lab/sql_lab_utils.py`**: Rewrote `validate_sql_query` to use proper AST-based parsing with correct engine from `database.backend`

## Test plan

- [x] Added 14 unit tests for `check_tables_present()` covering basic detection, case insensitivity, subqueries, CTEs, schema-qualified names, multi-statement scripts
- [x] Added 16 unit tests for MCP `validate_sql_query` covering engine-specific blocklists, table blocking, DML detection, and normal query passthrough
- [x] All 30 tests pass

```bash
pytest tests/unit_tests/sql/test_check_tables_present.py tests/unit_tests/mcp_service/sql_lab/test_validate_sql_query.py -v
```

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
