このPythonファイルpython pid_info.py 12345を実行してみると、次のようになります。
#!/usr/bin/env python
import subprocess
import sys, getopt
# add if -b or -e then look for username/email like etc...
# figure out how to store the db creds in separate file
class color:
PURPLE = '\033[95m'
CYAN = '\033[96m'
DARKCYAN = '\033[36m'
BLUE = '\033[94m'
GREEN = '\033[92m'
YELLOW = '\033[93m'
RED = '\033[91m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
FLASH = '\033[0.5m'
END = '\033[0m'
# DB info:
host =
db=
user=
password=
# take the argument provided by user
UN=str(sys.argv[1])
# SQL query to return user info + role
f_statement1 = """ set nocount on; set ansi_warnings off;
SELECT
pl.placement_id PID, pl.placement_name, p.partner_name Publisher, pc.description Platform_client, pit.description +'/'+ dt.description Integration_Device
FROM placement pl
JOIN partner p ON pl.partner_id = p.partner_id
JOIN platform_client pc ON p.platform_client_id = pc.platform_client_id
JOIN placement_integration_type_assoc pita ON pl.placement_id = pita.placement_id
JOIN placement_integration_type pit ON pita.placement_integration_type_id = pit.placement_integration_type_id
JOIN device_type dt ON pl.device_type_id = dt.device_type_id
WHERE pit.active=1
AND pita.active=1 AND pl.placement_id = """ + str(UN)
f_statement2 = """ set nocount on; set ansi_warnings off;
SELECT
pl.max_ad_duration Seconds, c.abbreviation Country,
CASE WHEN passback_allowed=0 THEN 'GUARANTEED' ELSE 'PASSBACK' END AS Buy_Type,
CASE WHEN pl.skippable=0 THEN 'Non-Skippable' ELSE 'Skippable' END AS Skippable,
CASE WHEN pl.active=1 THEN 'ACTIVE' ELSE 'NOT_ACTIVE' END AS Status
FROM placement pl
JOIN country c ON pl.country_id = c.country_id
WHERE pl.placement_id =""" + str(UN)
f_statement3 = """ set nocount on; set ansi_warnings off;
SELECT url_expression FROM AN_MAIN..placement_domain_whitelist
WHERE active=1 and placement_id =""" + str(UN)
# run the first query
print('\n')
print(color.UNDERLINE + color.BOLD + "Results for PID " + str(UN) + ":" + color.END)
results1=subprocess.call(["sqlcmd", "-S", host, "-U",user, "-P",password, "-d",db, "-Q", f_statement1, "-Y","30", "-s", "|" ])
print('\n')
results1=subprocess.call(["sqlcmd", "-S", host, "-U",user, "-P",password, "-d",db, "-Q", f_statement2, "-Y","30", "-s", "|" ])
print('\n')
print(color.UNDERLINE + color.BOLD + "Whitelist for PID " + str(UN) + ":" + color.END)
print('\n')
results1=subprocess.call(["sqlcmd", "-S", host, "-U",user, "-P",password, "-d",db, "-Q", f_statement3, "-Y","30", "-s", "|" ])
print('\n')
input ()
これによりエラーが発生します。
Results for PID 12345:
Traceback (most recent call last):
File "pid_info.py", line 57, in <module>
results1=subprocess.call(["sqlcmd", "-S", host, "-U",user, "-P",password, "-d",db, "-Q", f_statement1, "-Y","30", "-s", "|" ])
File "/usr/lib/python2.7/subprocess.py", line 523, in call
return Popen(*popenargs, **kwargs).wait()
File "/usr/lib/python2.7/subprocess.py", line 711, in __init__
errread, errwrite)
File "/usr/lib/python2.7/subprocess.py", line 1343, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory
ここでどのような変更を行う必要がありますか?
答え1
sqlcmd
Pythonスクリプトは、環境変数にリストされているディレクトリにない環境で実行されますPATH
。
スクリプトを呼び出す前にあったディレクトリを含めるPATH
か、フルパスを使用してください。sqlcmd
sqlcmd
外部バイナリを使用せずにPythonコードからデータベース接続を作成できるPython用のSQLライブラリがあると確信しています。これにより、SQLインジェクション攻撃に対して脆弱ではない準備済みステートメントを実行することもできます。
変数をクリーンアップしませんUN
。つまり、次のようにスクリプトを呼び出すことができます。"12345; DROP DATABASE 'mydatabase';"