.Net: Fix input checking in Cosmos NoSQL, Redis and Weaviate providers (#13629)

Author: roji

dotnet/src/VectorData/CosmosNoSql/CosmosNoSqlCollectionQueryBuilder.cs

@@ -39,8 +39,7 @@ public static QueryDefinition BuildSearchQuery<TRecord>(
         Verify.NotNull(vector);
 
         const string VectorVariableName = "@vector";
-        // TODO: Use parameterized query for keywords when FullTextScore with parameters is supported.
-        //const string KeywordsVariableName = "@keywords";
+        const string KeywordVariablePrefix = "@keyword";
 
         var tableVariableName = CosmosNoSqlConstants.ContainerAlias;
 
@@ -53,15 +52,6 @@ public static QueryDefinition BuildSearchQuery<TRecord>(
         var vectorDistanceArgument = $"VectorDistance({GeneratePropertyAccess(tableVariableName, vectorPropertyName)}, {VectorVariableName})";
         var vectorDistanceArgumentWithAlias = $"{vectorDistanceArgument} AS {scorePropertyName}";
 
-        // Passing keywords using a parameter is not yet supported for FullTextScore so doing some crude string sanitization in the mean time to frustrate script injection.
-        var sanitizedKeywords = keywords is not null ? keywords.Select(x => x.Replace("\"", "")) : null;
-        var formattedKeywords = sanitizedKeywords is not null ? $"\"{string.Join("\", \"", sanitizedKeywords)}\"" : null;
-        var fullTextScoreArgument = textPropertyName is not null && keywords is not null
-            ? $"FullTextScore({GeneratePropertyAccess(tableVariableName, textPropertyName)}, {formattedKeywords})"
-            : null;
-
-        var rankingArgument = fullTextScoreArgument is null ? vectorDistanceArgument : $"RANK RRF({vectorDistanceArgument}, {fullTextScoreArgument})";
-
         var selectClauseArguments = string.Join(",", [.. fieldsArgument, vectorDistanceArgumentWithAlias]);
 
 #pragma warning disable CS0618 // VectorSearchFilter is obsolete
@@ -86,6 +76,25 @@ public static QueryDefinition BuildSearchQuery<TRecord>(
             }
         };
 
+        string? fullTextScoreArgument = null;
+        if (textPropertyName is not null && keywords is not null)
+        {
+            var fullTextScoreBuilder = new StringBuilder();
+            fullTextScoreBuilder.Append($"FullTextScore({GeneratePropertyAccess(tableVariableName, textPropertyName)}");
+            var i = 0;
+            foreach (var keyword in keywords)
+            {
+                var paramName = $"{KeywordVariablePrefix}{i}";
+                fullTextScoreBuilder.Append(", ").Append(paramName);
+                queryParameters[paramName] = keyword;
+                i++;
+            }
+            fullTextScoreBuilder.Append(')');
+            fullTextScoreArgument = fullTextScoreBuilder.ToString();
+        }
+
+        var rankingArgument = fullTextScoreArgument is null ? vectorDistanceArgument : $"RANK RRF({vectorDistanceArgument}, {fullTextScoreArgument})";
+
         // Add score threshold filter if specified.
         // For similarity functions (CosineSimilarity, DotProductSimilarity), higher scores are better, so filter with >=.
         // For distance functions (EuclideanDistance), lower scores are better, so filter with <=.
@@ -144,12 +153,6 @@ public static QueryDefinition BuildSearchQuery<TRecord>(
             builder.AppendLine($"OFFSET {skip} LIMIT {top}");
         }
 
-        // TODO: Use parameterized query for keywords when FullTextScore with parameters is supported.
-        //if (fullTextScoreArgument is not null)
-        //{
-        //    queryParameters.Add(KeywordsVariableName, keywords!.ToArray());
-        //}
-
         var queryDefinition = new QueryDefinition(builder.ToString());
 
         if (filterParameters is { Count: > 0 })

dotnet/src/VectorData/Redis/RedisFilterTranslator.cs

@@ -115,11 +115,7 @@ bool TryProcessEqualityComparison(Expression first, Expression second)
                     {
                         ExpressionType.Equal when constantValue is byte or short or int or long or float or double => $" == {constantValue}",
                         ExpressionType.Equal when constantValue is string stringValue
-#if NET
-                            => $$""":{"{{stringValue.Replace("\"", "\\\"", StringComparison.Ordinal)}}"}""",
-#else
-                            => $$""":{"{{stringValue.Replace("\"", "\"\"")}}"}""",
-#endif
+                            => $$""":{"{{SanitizeStringConstant(stringValue)}}"}""",
                         ExpressionType.Equal when constantValue is null => throw new NotSupportedException("Null value type not supported"), // TODO
 
                         ExpressionType.NotEqual when constantValue is int or long or float or double => $" != {constantValue}",
@@ -177,9 +173,9 @@ private void TranslateContains(Expression source, Expression item)
             this._filter
                 .Append('@')
                 .Append(property.StorageName)
-                .Append(":{")
-                .Append(stringConstant)
-                .Append('}');
+                .Append(":{\"")
+                .Append(SanitizeStringConstant(stringConstant))
+                .Append("\"}");
             return;
         }
 
@@ -238,7 +234,7 @@ private void TranslateAny(Expression source, LambdaExpression lambda)
                 this._filter.Append(" | ");
             }
 
-            this._filter.Append(stringElement);
+            this._filter.Append('"').Append(SanitizeStringConstant(stringElement)).Append('"');
         }
 
         this._filter.Append('}');
@@ -259,4 +255,11 @@ private void TranslateAny(Expression source, LambdaExpression lambda)
             return result;
         }
     }
+
+    private static string SanitizeStringConstant(string value)
+#if NET
+        => value.Replace("\"", "\\\"", StringComparison.Ordinal);
+#else
+        => value.Replace("\"", "\\\"");
+#endif
 }

dotnet/src/VectorData/Weaviate/WeaviateQueryBuilder.cs

@@ -149,6 +149,7 @@ public static string BuildHybridSearchQuery<TRecord, TVector>(
 #pragma warning restore CS0618
 
         var vectorArray = JsonSerializer.Serialize(vector, jsonSerializerOptions);
+        var sanitizedKeywords = keywords.Replace("\\", "\\\\").Replace("\"", "\\\"");
 
         return $$"""
         {
@@ -158,7 +159,7 @@ public static string BuildHybridSearchQuery<TRecord, TVector>(
               offset: {{searchOptions.Skip}}
               {{(filter is null ? "" : "where: " + filter)}}
               hybrid: {
-                query: "{{keywords}}"
+                query: "{{sanitizedKeywords}}"
                 properties: ["{{textProperty.StorageName}}"]
                 {{GetTargetVectorsQuery(hasNamedVectors, vectorProperty.StorageName)}}
                 vector: {{vectorArray}}

dotnet/test/VectorData/CosmosNoSql.UnitTests/CosmosNoSqlCollectionQueryBuilderTests.cs

@@ -221,17 +221,20 @@ public void BuildSearchQueryWithHybridFieldsReturnsValidHybridQueryDefinition()
         Assert.Contains("SELECT x[\"id\"],x[\"TestProperty1\"],x[\"TestProperty2\"],x[\"TestProperty3\"],VectorDistance(x[\"TestProperty1\"], @vector) AS TestScore", queryText);
         Assert.Contains("FROM x", queryText);
         Assert.Contains("WHERE x[\"TestProperty2\"] = @cv0 AND ARRAY_CONTAINS(x[\"TestProperty3\"], @cv1)", queryText);
-        Assert.Contains("ORDER BY RANK RRF(VectorDistance(x[\"TestProperty1\"], @vector), FullTextScore(x[\"TestProperty2\"], \"hybrid\"))", queryText);
+        Assert.Contains("ORDER BY RANK RRF(VectorDistance(x[\"TestProperty1\"], @vector), FullTextScore(x[\"TestProperty2\"], @keyword0))", queryText);
         Assert.Contains("OFFSET 5 LIMIT 10", queryText);
 
         Assert.Equal("@vector", queryParameters[0].Name);
         Assert.Equal(vector, queryParameters[0].Value);
 
-        Assert.Equal("@cv0", queryParameters[1].Name);
-        Assert.Equal("test-value-2", queryParameters[1].Value);
+        Assert.Equal("@keyword0", queryParameters[1].Name);
+        Assert.Equal("hybrid", queryParameters[1].Value);
 
-        Assert.Equal("@cv1", queryParameters[2].Name);
-        Assert.Equal("test-value-3", queryParameters[2].Value);
+        Assert.Equal("@cv0", queryParameters[2].Name);
+        Assert.Equal("test-value-2", queryParameters[2].Value);
+
+        Assert.Equal("@cv1", queryParameters[3].Name);
+        Assert.Equal("test-value-3", queryParameters[3].Value);
     }
 
 #pragma warning disable CA1812 // An internal class that is apparently never instantiated. If so, remove the code from the assembly.

dotnet/test/VectorData/Redis.ConformanceTests/RedisFilterTests.cs

@@ -77,14 +77,6 @@ public class RedisJsonFilterTests(RedisJsonFilterTests.Fixture fixture)
 
         protected override string CollectionNameBase => "JsonFilterTests";
 
-        public override string SpecialCharactersText
-#if NET
-            => base.SpecialCharactersText;
-#else
-            // Redis client doesn't properly escape '"' on Full Framework.
-            => base.SpecialCharactersText.Replace("\"", "");
-#endif
-
         // Override to remove the bool property, which isn't (currently) supported on Redis/JSON
         public override VectorStoreCollectionDefinition CreateRecordDefinition()
             => new()
@@ -163,14 +155,6 @@ public override Task Any_over_List_with_Contains_over_captured_string_array()
 
         protected override string CollectionNameBase => "HashSetCollectionFilterTests";
 
-        public override string SpecialCharactersText
-#if NET
-            => base.SpecialCharactersText;
-#else
-            // Redis client doesn't properly escape '"' on Full Framework.
-            => base.SpecialCharactersText.Replace("\"", "");
-#endif
-
         // Override to remove the bool property, which isn't (currently) supported on Redis
         public override VectorStoreCollectionDefinition CreateRecordDefinition()
             => new()

dotnet/test/VectorData/Redis.UnitTests/RedisFilterTranslatorTests.cs

@@ -0,0 +1,142 @@
+// Copyright (c) Microsoft. All rights reserved.
+
+using System;
+using System.Linq;
+using System.Linq.Expressions;
+using Microsoft.Extensions.VectorData;
+using Microsoft.Extensions.VectorData.ProviderServices;
+using Xunit;
+
+namespace Microsoft.SemanticKernel.Connectors.Redis.UnitTests;
+
+#pragma warning disable MEVD9001 // Experimental
+
+public sealed class RedisFilterTranslatorTests
+{
+    [Fact]
+    public void Contains_with_simple_string()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("foo"));
+        Assert.Equal("""@Tags:{"foo"}""", result);
+    }
+
+    [Fact]
+    public void Contains_with_curly_brace_in_value()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("foo}bar"));
+        Assert.Equal("""@Tags:{"foo}bar"}""", result);
+    }
+
+    [Fact]
+    public void Contains_with_pipe_in_value()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("foo|bar"));
+        Assert.Equal("""@Tags:{"foo|bar"}""", result);
+    }
+
+    [Fact]
+    public void Contains_with_double_quote_in_value()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("foo\"bar"));
+        Assert.Equal("""@Tags:{"foo\"bar"}""", result);
+    }
+
+    [Fact]
+    public void Contains_with_asterisk_in_value()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("foo*bar"));
+        Assert.Equal("""@Tags:{"foo*bar"}""", result);
+    }
+
+    [Fact]
+    public void Contains_with_at_sign_in_value()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("foo@bar"));
+        Assert.Equal("""@Tags:{"foo@bar"}""", result);
+    }
+
+    [Fact]
+    public void Contains_with_injection_attempt()
+    {
+        var result = Translate<TestRecord>(r => r.Tags.Contains("evil} | @secret:{*"));
+        Assert.Equal("""@Tags:{"evil} | @secret:{*"}""", result);
+    }
+
+    [Fact]
+    public void Any_with_simple_strings()
+    {
+        var values = new[] { "a", "b" };
+        var result = Translate<TestRecord>(r => r.Tags.Any(t => values.Contains(t)));
+        Assert.Equal("""@Tags:{"a" | "b"}""", result);
+    }
+
+    [Fact]
+    public void Any_with_metacharacters_in_values()
+    {
+        var values = new[] { "a|b", "c}d" };
+        var result = Translate<TestRecord>(r => r.Tags.Any(t => values.Contains(t)));
+        Assert.Equal("""@Tags:{"a|b" | "c}d"}""", result);
+    }
+
+    [Fact]
+    public void Any_with_double_quotes_in_values()
+    {
+        var values = new[] { "a\"b", "c\"d" };
+        var result = Translate<TestRecord>(r => r.Tags.Any(t => values.Contains(t)));
+        Assert.Equal("""@Tags:{"a\"b" | "c\"d"}""", result);
+    }
+
+    [Fact]
+    public void Any_with_injection_attempt()
+    {
+        var values = new[] { "safe", "x} | @admin:{true" };
+        var result = Translate<TestRecord>(r => r.Tags.Any(t => values.Contains(t)));
+        Assert.Equal("""@Tags:{"safe" | "x} | @admin:{true"}""", result);
+    }
+
+    [Fact]
+    public void Equal_with_simple_string()
+    {
+        var result = Translate<TestRecord>(r => r.Name == "foo");
+        Assert.Equal("""@Name:{"foo"}""", result);
+    }
+
+    [Fact]
+    public void Equal_with_double_quote_in_value()
+    {
+        var result = Translate<TestRecord>(r => r.Name == "foo\"bar");
+        Assert.Equal("""@Name:{"foo\"bar"}""", result);
+    }
+
+    private static string Translate<TRecord>(Expression<Func<TRecord, bool>> filter)
+    {
+        var model = BuildModel();
+        return new RedisFilterTranslator().Translate(filter, model);
+    }
+
+    private static CollectionModel BuildModel()
+    {
+        var definition = new VectorStoreCollectionDefinition
+        {
+            Properties =
+            [
+                new VectorStoreKeyProperty("Id", typeof(string)),
+                new VectorStoreDataProperty("Name", typeof(string)),
+                new VectorStoreDataProperty("Tags", typeof(string[])),
+                new VectorStoreVectorProperty("Embedding", typeof(ReadOnlyMemory<float>), 10)
+            ]
+        };
+
+        return new RedisJsonModelBuilder(RedisJsonCollection<string, object>.ModelBuildingOptions).BuildDynamic(definition, defaultEmbeddingGenerator: null);
+    }
+
+#pragma warning disable CA1812
+    private sealed record TestRecord
+    {
+        public string Id { get; set; } = string.Empty;
+        public string Name { get; set; } = string.Empty;
+        public string[] Tags { get; set; } = [];
+        public ReadOnlyMemory<float> Embedding { get; set; }
+    }
+#pragma warning restore CA1812
+}