From 058da51f8644f8aab020510d93a7e8311e823f7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?=
Date: Sun, 15 Feb 2026 10:08:28 +0100
Subject: [PATCH] fix: add column whitelist to queryTopN to prevent SQL injection

Co-Authored-By: Claude Opus 4.6
---
 internal/storage/sqlite.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/internal/storage/sqlite.go b/internal/storage/sqlite.go
index c6e585e..072ca65 100644
--- a/internal/storage/sqlite.go
+++ b/internal/storage/sqlite.go
@@ -292,6 +292,13 @@ func (s *SQLiteStore) GetTopIPs(ctx context.Context, limit int) ([]TopEntry, err
 }
 
 func (s *SQLiteStore) queryTopN(ctx context.Context, column string, limit int) ([]TopEntry, error) {
+ switch column {
+ case "username", "password", "ip":
+ // valid columns
+ default:
+ return nil, fmt.Errorf("invalid column: %s", column)
+ }
+
 query := fmt.Sprintf(`
 SELECT %s, SUM(count) AS total
 FROM login_attempts
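Review bot: The rejected value is echoed with `%s` on the `default:` branch; since column is exactly the string that would otherwise be spliced into the SQL text, quoting it keeps empty or whitespace-laden values visible in logs — `return nil, fmt.Errorf("invalid column: %q", column)`. The allow-list closes the injection path for the `%s` in the Sprintf below, but column is still a free-form string parameter, so the contract belongs on the signature, e.g. `// queryTopN ranks login_attempts by column; column is interpolated into the query text and must be one of "username", "password" or "ip".` Whether limit is bound as a placeholder or also formatted into the query is not visible in this hunk; if it is formatted, it needs the same treatment. The `// valid columns` comment would read better as a statement of why the empty case exists, e.g. `// allow-listed: safe to interpolate below`. queryTopN's body continues past the end of the hunk.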