From 7ab700858938d16f6d80789d758f7af38274ee95 Mon Sep 17 00:00:00 2001
From: Eilon Cohen <120051919+eilonc-dev@users.noreply.github.com>
Date: Wed, 9 Apr 2025 21:58:52 +0300
Subject: [PATCH] Fix: Restrict write_query to INSERT, UPDATE, DELETE
The write_query endpoint previously only blocked SELECT statements, potentially allowing other unintended or harmful SQL commands. This change implements stricter validation to ensure that only queries starting with INSERT, UPDATE, or DELETE (case-insensitive) are accepted, aligning the behavior with the documented intent in the README.
---
 src/sqlite/src/mcp_server_sqlite/server.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/sqlite/src/mcp_server_sqlite/server.py b/src/sqlite/src/mcp_server_sqlite/server.py
index 01452022f1..ce4ea9c665 100644
--- a/src/sqlite/src/mcp_server_sqlite/server.py
+++ b/src/sqlite/src/mcp_server_sqlite/server.py
@@ -347,8 +347,10 @@ async def handle_call_tool(
 return [types.TextContent(type="text", text=str(results))]
 elif name == "write_query":
-if arguments["query"].strip().upper().startswith("SELECT"):
-raise ValueError("SELECT queries are not allowed for write_query")
+query_upper = arguments["query"].strip().upper()
+allowed_prefixes = ("INSERT", "UPDATE", "DELETE")
+if not query_upper.startswith(allowed_prefixes):
+raise ValueError("Only INSERT, UPDATE, or DELETE queries are allowed for write_query")
 results = db._execute_query(arguments["query"])
 return [types.TextContent(type="text", text=str(results))]
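Review bot: The new allowlist is a raw string-prefix check, so it rejects legitimate SQLite write statements that do not begin with one of the three keywords (a CTE such as `WITH ... INSERT`, `REPLACE INTO`, or a query preceded by a `--` or `/* */` comment) while accepting any text that merely starts with those letters; matching the first whitespace-delimited token, e.g. `if query_upper.split(None, 1)[0] not in allowed_prefixes:`, would at least tie the check to the first keyword, and the README-documented intent should decide whether `WITH`/`REPLACE` belong in the set. The check only classifies the statement kind and says nothing about what `db._execute_query` (defined outside this hunk) does with a string containing more than one statement, so a comment such as `# Prefix allowlist: classifies the statement kind only; it does not validate, sanitize, or scope the SQL` would keep future readers from treating it as a security boundary. `allowed_prefixes` is a constant rebuilt on every call and would read better as a module-level `WRITE_QUERY_PREFIXES = ("INSERT", "UPDATE", "DELETE")` that the `read_query` branch can also reference. The enclosing `handle_call_tool` starts and ends outside the hunk.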