
SNOW-3417304: escape single quotes in SHOW ... LIKE patterns#2985

Open
sfc-gh-olorek wants to merge 1 commit into main from proactive/SNOW-3417304-like-pattern-escape

Conversation

@sfc-gh-olorek (Contributor) commented May 7, 2026

Pre-review checklist

  • I've confirmed that instructions included in README.md are still correct after my changes in the codebase.
  • I've added or updated automated unit tests to verify correctness of my new code.
  • I've added or updated integration tests to verify correctness of my new code.
  • I've confirmed that my changes are working by executing CLI's commands manually on MacOS.
  • I've confirmed that my changes are working by executing CLI's commands manually on Windows.
  • I've confirmed that my changes are up-to-date with the target branch.
  • I've described my changes in the release notes.
  • I've described my changes in the section below.
  • I've described my changes in the documentation.

Changes description

ObjectManager.show (src/snowflake/cli/_plugins/object/manager.py:61) and
ImageRepositoryManager.list_images
(src/snowflake/cli/_plugins/spcs/image_repository/manager.py:88) both build
SHOW ... LIKE '{pattern}' by f-string interpolation of the raw --like
argument. A single quote in the pattern terminates the SQL string literal
early; because execute_stream splits the resulting statement on semicolons,
anything after the injected quote is run as its own statement in the caller's
own session.

Fix: double single quotes at the SQL construction site ('''), which is
the canonical way to escape a single quote inside a Snowflake string literal
and leaves legitimate % / _ metacharacters untouched.

The exploit path requires access to the developer's own CLI invocation
(--like is not read from a project file or external source), so there is no
supply-chain vector and no privilege escalation, but a user who pastes an
attacker-supplied --like value will execute arbitrary SQL with their own
role. The fix is also a precondition for any future feature that plumbs
--like from a less-trusted source (e.g. a template or config).

Ticket: SNOW-3417304

`ObjectManager.show` and `ImageRepositoryManager.list_images` build
`SHOW ... LIKE '{pattern}'` by f-string interpolation without escaping
the LIKE argument. A single quote in `--like` terminates the literal
early and because `execute_stream` splits the resulting SQL on
semicolons, trailing content is executed as additional statements in
the caller's own session.

Escape single quotes at both sinks by doubling them
(`'` -> `''`), which is the canonical SQL literal escape and preserves
legitimate patterns containing `%` / `_`. Exploit requires access to
the developer's CLI invocation, so impact is self-injection only, but
the fix is trivial.

Added regression tests covering the classic
`foo'; drop table users; --` payload at both sites.
@sfc-gh-olorek sfc-gh-olorek requested a review from a team as a code owner May 7, 2026 17:26
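An added example, not code from this PR or from the snowflake-cli project, that models the two construction strategies the description contrasts: raw f-string interpolation of a `--like` value next to the doubled-quote escape, with a small quote-aware semicolon splitter standing in for the execute_stream behaviour the description relies on. The builder names, the splitter and the sample payload are assumptions for illustration; `ObjectManager.show` and `ImageRepositoryManager.list_images` are not reproduced here.

```python
"""Models the SHOW ... LIKE construction discussed in the PR.

Assumptions (not the project's own code): build_show_raw stands in for
the f-string sinks the PR describes, build_show_escaped for the fixed
form, and split_statements for a quote-aware semicolon splitter of the
kind execute_stream is said to use. The payload is the one named in the
PR's regression tests.
"""

# Constructed sample input: the classic payload the PR's tests use.
PAYLOAD = "foo'; drop table users; --"


def build_show_raw(object_type: str, pattern: str) -> str:
    """Vulnerable form: the raw --like value is interpolated as-is."""
    return f"SHOW {object_type} LIKE '{pattern}'"


def escape_sql_literal(value: str) -> str:
    """The PR's fix: double every single quote; % and _ are untouched."""
    return value.replace("'", "''")


def build_show_escaped(object_type: str, pattern: str) -> str:
    """Hardened form: the pattern is escaped before it enters the literal."""
    return f"SHOW {object_type} LIKE '{escape_sql_literal(pattern)}'"


def split_statements(sql: str) -> list[str]:
    """Quote-aware splitter (an assumption standing in for execute_stream).

    A ';' inside a single-quoted literal does not end a statement, a
    doubled quote inside a literal is an escaped quote rather than the
    end of the literal, and '--' outside a literal starts a comment that
    runs to the end of the line.
    """
    statements: list[str] = []
    current: list[str] = []
    in_literal = False
    i = 0
    while i < len(sql):
        ch = sql[i]
        if in_literal:
            if ch == "'":
                if sql[i + 1 : i + 2] == "'":  # '' stays inside the literal
                    current.append("''")
                    i += 2
                    continue
                in_literal = False  # single quote closes the literal
            current.append(ch)
        elif ch == "'":
            in_literal = True
            current.append(ch)
        elif sql.startswith("--", i):
            newline = sql.find("\n", i)
            i = len(sql) if newline == -1 else newline
            continue
        elif ch == ";":
            stmt = "".join(current).strip()
            if stmt:
                statements.append(stmt)
            current = []
        else:
            current.append(ch)
        i += 1
    tail = "".join(current).strip()
    if tail:
        statements.append(tail)
    return statements


if __name__ == "__main__":
    for label, builder in (("raw", build_show_raw), ("escaped", build_show_escaped)):
        sql = builder("TABLES", PAYLOAD)
        print(f"{label}: {sql!r}")
        for stmt in split_statements(sql):
            print(f"  would run: {stmt!r}")
```

With the raw builder the payload yields two statements, the second being `drop table users`; with the escaped builder the whole payload stays inside one literal and a single SHOW statement is produced, while a pattern such as `my_%` passes through unchanged. The example covers only the single-quote escape the PR targets; whether the backslash escape sequences Snowflake accepts in single-quoted string constants need the same treatment, or whether the pattern should instead be passed as a bind parameter, is a separate review question the example does not decide.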
