From f8419f23a9aabd29323422ffa3a45aa8e1a50607 Mon Sep 17 00:00:00 2001
From: Matt Fancher <142915944+FancMa01@users.noreply.github.com>
Date: Thu, 25 Jan 2024 12:04:54 -0700
Subject: [PATCH] codeql fix
---
 server/routes/orbit/read.js | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/server/routes/orbit/read.js b/server/routes/orbit/read.js
index 99475f048..f633b6ce8 100644
--- a/server/routes/orbit/read.js
+++ b/server/routes/orbit/read.js
@@ -250,6 +250,8 @@ router.get(
 const { application_id, keyword } = req.params;
 if (!application_id) throw Error("Invalid app ID");
+ if (!typeof keyword === "string") throw Error("Invalid keyword");
+
 const query = `select Name from DimBuildInstance where Name like '%${keyword}%' and Name not like 'Scrub%' and EnvironmentName = 'Insurance' order by Name asc`;
 const result = await runSQLQuery(query, dbConfig);
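Review bot: The added guard `if (!typeof keyword === "string")` can never throw, because `!typeof keyword` is evaluated first and is always `false`, so the comparison with `"string"` is always false; the intended check is `if (typeof keyword !== "string") throw Error("Invalid keyword");`. Even corrected, a type check does not address the finding this commit appears to target: `keyword` is read from `req.params` (presumably always a string for a matched route) and is still interpolated into the `like '%${keyword}%'` clause of the SQL text two lines below. The value should reach the database as a bound parameter rather than as part of the query string, if `runSQLQuery` or the underlying driver accepts parameters (its signature is not visible here), with `%` and `_` in the keyword escaped when they are meant to match literally. The route handler begins and ends outside this hunk.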