Struct SqlSecurity 

pub struct SqlSecurity;

SQL identifier validation and escaping utilities.

Implementations

impl SqlSecurity
pub fn escape_identifier(identifier: &str) -> Result<String>

Validates and escapes a SQL identifier (table name, column name, etc.).

This function ensures that user-provided identifiers are safe to use in SQL queries by validating their format and properly escaping them.

Arguments
  • identifier - The identifier to validate and escape
Returns
  • Ok(String) - The safely escaped identifier ready for SQL use
  • Err(TermError) - If the identifier is invalid or potentially malicious
Security

This function prevents SQL injection by:

  • Validating identifier format against allowed patterns
  • Checking against a blocklist of dangerous patterns
  • Properly escaping identifiers using double quotes
  • Limiting identifier length to prevent DoS attacks
Examples
use term_guard::security::SqlSecurity;

// Valid identifiers
assert!(SqlSecurity::escape_identifier("customer_id").is_ok());
assert!(SqlSecurity::escape_identifier("table1").is_ok());

// Invalid identifiers  
assert!(SqlSecurity::escape_identifier("id; DROP TABLE users--").is_err());
assert!(SqlSecurity::escape_identifier(&"very_long_name_".repeat(100)).is_err());
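The four checks listed under Security, written out as a stand-alone illustration (added here; this is not term_guard's own implementation, and the 64-character cap, the error enum and the blocklist contents are assumptions):

```rust
// Illustrative re-implementation of the identifier checks described above.
// Not term_guard's code: the length cap, error type and blocklist are assumed.
const MAX_IDENTIFIER_LEN: usize = 64; // assumed cap; the crate's real limit is not stated here

#[derive(Debug, PartialEq)]
pub enum IdentError {
    Empty,
    TooLong(usize),
    BadStart(char),
    BadChar(char),
    Blocked(&'static str),
}

/// Validate without escaping: blocklist of statement/comment delimiters first
/// (so a rejected injection attempt is reported as such), then a length cap,
/// then an allowlist shaped like `[A-Za-z_][A-Za-z0-9_]*`.
pub fn validate_identifier(identifier: &str) -> Result<(), IdentError> {
    if identifier.is_empty() {
        return Err(IdentError::Empty);
    }
    for pat in [";", "--", "/*", "*/"] {
        if identifier.contains(pat) {
            return Err(IdentError::Blocked(pat));
        }
    }
    if identifier.len() > MAX_IDENTIFIER_LEN {
        return Err(IdentError::TooLong(identifier.len()));
    }
    let mut chars = identifier.chars();
    let first = chars.next().unwrap(); // non-empty, checked above
    if !(first.is_ascii_alphabetic() || first == '_') {
        return Err(IdentError::BadStart(first));
    }
    if let Some(c) = chars.find(|c| !(c.is_ascii_alphanumeric() || *c == '_')) {
        return Err(IdentError::BadChar(c));
    }
    Ok(())
}

/// Validate, then wrap in double quotes so the SQL parser treats the name
/// literally (no keyword interpretation). Any embedded `"` is doubled, which is
/// the standard SQL escape; the allowlist above already excludes it anyway.
pub fn escape_identifier(identifier: &str) -> Result<String, IdentError> {
    validate_identifier(identifier)?;
    Ok(format!("\"{}\"", identifier.replace('"', "\"\"")))
}
```

Note that double-quoted identifiers are case-sensitive in ANSI SQL, so `"Customer_Id"` and `"customer_id"` name different columns.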
pub fn validate_identifier(identifier: &str) -> Result<()>

Validates a SQL identifier without escaping it.

This function checks if an identifier is safe to use but doesn’t escape it. Useful for cases where you need validation but will use the identifier in a different context.

pub fn validate_regex_pattern(pattern: &str) -> Result<String>

Validates a regex pattern for safety.

This function ensures that user-provided regex patterns are safe to use in SQL queries and won’t cause ReDoS attacks or other security issues.

pub fn validate_sql_expression(expression: &str) -> Result<()>

Validates a custom SQL expression for safety.

This function performs security validation on user-provided SQL expressions to prevent SQL injection and other attacks while still allowing legitimate validation expressions.
