Merge pull request #69 from artemeon/fix/#22989-refactor-dbImport

Fix/#22989 refactor db import

Author: tmArtemeon

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 3.3.1
+
+- Fix Command Injection
+- Remove Oracle Driver
+
 ## 3.3.0
 
 - Remove unused SqlsrvDriver #68

composer.json

@@ -19,6 +19,10 @@
     "symfony/process": "^5.0|^6.0|^7.0",
     "symfony/polyfill-mbstring": "^1.15"
   },
+  "suggest": {
+    "ext-pgsql": "install for postgres.",
+    "ext-mysqli": "install for mysql."
+  },
   "require-dev": {
     "phpunit/phpunit": "^9.0",
     "phpstan/phpstan": "^1.10.59",

src/Driver/DriverAbstract.php

@@ -14,6 +14,7 @@
 namespace Artemeon\Database\Driver;
 
 use Artemeon\Database\ConnectionInterface;
+use Artemeon\Database\ConnectionParameters;
 use Artemeon\Database\DriverInterface;
 use Artemeon\Database\Exception\QueryException;
 use Artemeon\Database\Schema\DataType;
@@ -32,6 +33,12 @@ abstract class DriverAbstract implements DriverInterface
 
     protected int $affectedRowsCount = 0;
 
+    protected ?ConnectionParameters $config;
+
+    public function setConfig(ConnectionParameters $params): void
+    {
+        $this->config = $params;
+    }
 
     /**
      * Detects if the current installation runs on Windows or UNIX.
@@ -316,14 +323,15 @@ public function getStringLengthExpression(string $targetString): string
         return 'LENGTH('.$targetString.')';
     }
 
-    protected function runCommand(string $command): void
+    protected function runProcess(Process $process, string $errorPrefix = ''): bool
     {
-        $process = Process::fromShellCommandline($command);
-        $process->setTimeout(3600.0);
+        $process->setTimeout(null);
         $process->run();
 
         if (!$process->isSuccessful()) {
-            throw new ProcessFailedException($process);
+            throw new \RuntimeException(trim($errorPrefix . ' ' . $process->getErrorOutput()));
         }
+
+        return true;
     }
 }

src/Driver/MysqliDriver.php

@@ -25,6 +25,7 @@
 use mysqli;
 use mysqli_stmt;
 use Symfony\Component\Process\ExecutableFinder;
+use Symfony\Component\Process\Process;
 
 /**
  * DB-driver for MySQL using the php-mysqli-interface.
@@ -38,8 +39,6 @@ class MysqliDriver extends DriverAbstract
 
     private ?mysqli $linkDB; //DB-Link
 
-    private ?ConnectionParameters $config;
-
     private string $dumpBin = 'mysqldump'; // Binary to dump db (if not in path, add the path here)
 
     private string $restoreBin = 'mysql'; // Binary to dump db (if not in path, add the path here)
@@ -62,7 +61,7 @@ public function dbconnect(ConnectionParameters $params): bool
         }
 
         // Save connection-details
-        $this->config = $params;
+        $this->setConfig($params);
 
         $this->linkDB = new mysqli(
             $this->config->getHost(),
@@ -500,27 +499,31 @@ public function encloseTableName(string $table): string
      */
     public function dbExport(string &$fileName, array $tables): bool
     {
-        $tablesString = implode(' ', $tables);
-        $paramPass = '';
-
-        if ($this->config->getPassword() !== '') {
-            $paramPass = " -p\"" . $this->config->getPassword() . "\"";
-        }
-
         $dumpBin = (new ExecutableFinder())->find($this->dumpBin);
+        $dumpParams = [
+            $dumpBin,
+            '-h', escapeshellarg($this->config->getHost()),
+            '-u', escapeshellarg($this->config->getUsername()),
+            ($this->config->getPassword() === '') ? '': '-p' . escapeshellarg($this->config->getPassword()),
+            '-P', $this->config->getPort(),
+            escapeshellarg($this->config->getDatabase()),
+            implode(' ', array_map('escapeshellarg', $tables))
+        ];
 
+        $mysqldumpCommand = implode(' ', $dumpParams);
         if ($this->handlesDumpCompression()) {
             $fileName .= '.gz';
-            $command = $dumpBin . ' -h' . $this->config->getHost() . ' -u' . $this->config->getUsername(
-                ) . $paramPass . ' -P' . $this->config->getPort() . ' ' . $this->config->getDatabase(
-                ) . ' ' . $tablesString . " | gzip > \"" . $fileName . "\"";
+            $pattern = '%s | gzip > %s';
         } else {
-            $command = $dumpBin . ' -h' . $this->config->getHost() . ' -u' . $this->config->getUsername(
-                ) . $paramPass . ' -P' . $this->config->getPort() . ' ' . $this->config->getDatabase(
-                ) . ' ' . $tablesString . " > \"" . $fileName . "\"";
+            $pattern = '%s > %s';
         }
 
-        $this->runCommand($command);
+        $process = new Process([
+            'bash', '-c',
+            sprintf($pattern, $mysqldumpCommand, escapeshellarg($fileName))
+        ]);
+
+        $this->runProcess($process, 'Database import failed:');
 
         return true;
     }
@@ -530,33 +533,44 @@ public function dbExport(string &$fileName, array $tables): bool
      */
     public function dbImport(string $fileName): bool
     {
-        $paramPass = '';
-
-        if ($this->config->getPassword() !== '') {
-            $paramPass = " -p\"" . $this->config->getPassword() . "\"";
+        if (!in_array(pathinfo($fileName, PATHINFO_EXTENSION), ['sql', 'gz'])) {
+            throw new \RuntimeException(trim($fileName . ' is not a valid import file'));
         }
 
         $restoreBin = (new ExecutableFinder())->find($this->restoreBin);
 
+        $restoreParams = [
+            $restoreBin,
+            '-h', escapeshellarg($this->config->getHost()),
+            '-u', escapeshellarg($this->config->getUsername()),
+            ($this->config->getPassword() === '') ? '': '-p' . escapeshellarg($this->config->getPassword()),
+            '-P', $this->config->getPort(),
+            escapeshellarg($this->config->getDatabase()),
+        ];
+
+        $mysqlCommand = implode(' ', $restoreParams);
         if ($this->handlesDumpCompression() && pathinfo($fileName, PATHINFO_EXTENSION) === 'gz') {
-            $command = " gunzip -c \"" . $fileName . "\" | " . $restoreBin . ' -h' . $this->config->getHost(
-                ) . ' -u' . $this->config->getUsername() . $paramPass . ' -P' . $this->config->getPort(
-                ) . ' ' . $this->config->getDatabase();
+            $fileCommand = sprintf('gunzip -c %s', escapeshellarg($fileName));
+        } elseif (pathinfo($fileName, PATHINFO_EXTENSION) === 'sql') {
+            $fileCommand = sprintf('cat %s', escapeshellarg($fileName));
         } else {
-            $command = $restoreBin . ' -h' . $this->config->getHost() . ' -u' . $this->config->getUsername(
-                ) . $paramPass . ' -P' . $this->config->getPort() . ' ' . $this->config->getDatabase(
-                ) . " < \"" . $fileName . "\"";
+            throw new \RuntimeException(trim($fileName . ' is not a valid import file'));
         }
 
-        $this->runCommand($command);
+        $process = new Process([
+            'bash', '-c',
+            sprintf('%s | %s', $fileCommand, $mysqlCommand)
+        ]);
+
+        $this->runProcess($process, 'Database import failed:');
 
         return true;
     }
 
     /**
      * Prepares a statement or uses an instance from the cache.
      */
-    private function getPreparedStatement(string $query): mysqli_stmt | false
+    private function getPreparedStatement(string $query): mysqli_stmt|false
     {
         $name = md5($query);
 
@@ -587,7 +601,7 @@ private function getPreparedStatement(string $query): mysqli_stmt | false
 
     public function escape(mixed $value): string
     {
-        return str_replace("\\", "\\\\", (string) $value);
+        return str_replace("\\", "\\\\", (string)$value);
     }
 
     public function getJsonColumnExpression(string $column, string $key): string