fix(tools): pin resolved IP in DB connectors to prevent DNS-rebinding SSRF

`validateDatabaseHost` resolved an IP that was then discarded — drivers re-resolved
the hostname at connect time, enabling DNS-rebinding TOCTOU.

- mongodb: pass resolved IP via MongoClient `lookup` option
- mysql: pin TCP socket via `stream` factory; keep hostname for TLS servername
- postgresql: connect to resolved IP; pass `ssl` object with `servername` for SNI
- redis: parse URL explicitly and pass options-only (URL+options breaks override
  due to ioredis's lodash.defaults); pin host and set `tls.servername` for rediss
- neo4j: pin IP for plain `bolt://`; leave `bolt+s`/`neo4j+s` unchanged to keep
  Aura cert validation working (driver hardcodes servername with no override)

Author: waleedlatif1

apps/sim/app/api/tools/mongodb/utils.ts

@@ -1,5 +1,8 @@
 import { MongoClient } from 'mongodb'
-import { validateDatabaseHost } from '@/lib/core/security/input-validation.server'
+import {
+  createPinnedLookup,
+  validateDatabaseHost,
+} from '@/lib/core/security/input-validation.server'
 import type { MongoDBCollectionInfo, MongoDBConnectionConfig } from '@/tools/mongodb/types'
 
 export async function createMongoDBConnection(config: MongoDBConnectionConfig) {
@@ -30,6 +33,7 @@ export async function createMongoDBConnection(config: MongoDBConnectionConfig) {
     connectTimeoutMS: 10000,
     socketTimeoutMS: 10000,
     maxPoolSize: 1,
+    lookup: createPinnedLookup(hostValidation.resolvedIP ?? config.host),
   })
 
   await client.connect()

apps/sim/app/api/tools/mysql/utils.ts

@@ -1,3 +1,4 @@
+import net from 'node:net'
 import mysql from 'mysql2/promise'
 import { validateDatabaseHost } from '@/lib/core/security/input-validation.server'
 
@@ -16,12 +17,20 @@ export async function createMySQLConnection(config: MySQLConnectionConfig) {
     throw new Error(hostValidation.error)
   }
 
+  const resolvedIP = hostValidation.resolvedIP ?? config.host
+
   const connectionConfig: mysql.ConnectionOptions = {
     host: config.host,
     port: config.port,
     database: config.database,
     user: config.username,
     password: config.password,
+    // Pin socket to resolved IP to prevent DNS rebinding; mysql2 still uses config.host for TLS servername.
+    stream: () => {
+      const socket = net.connect(config.port, resolvedIP)
+      socket.setNoDelay(true)
+      return socket
+    },
   }
 
   if (config.ssl === 'disabled') {

apps/sim/app/api/tools/neo4j/utils.ts

@@ -18,7 +18,15 @@ export async function createNeo4jDriver(config: Neo4jConnectionConfig) {
     protocol = config.encryption === 'enabled' ? 'bolt+s' : 'bolt'
   }
 
-  const uri = `${protocol}://${config.host}:${config.port}`
+  // neo4j-driver hardcodes TLS servername to the URI host with no override, so we only pin the IP for non-TLS to preserve Aura cert validation.
+  const useIPPinning = !protocol.endsWith('+s')
+  const resolvedIP = hostValidation.resolvedIP ?? config.host
+  const uriHost = useIPPinning
+    ? resolvedIP.includes(':')
+      ? `[${resolvedIP}]`
+      : resolvedIP
+    : config.host
+  const uri = `${protocol}://${uriHost}:${config.port}`
 
   const driverConfig: any = {
     maxConnectionPoolSize: 1,

apps/sim/app/api/tools/postgresql/utils.ts

@@ -8,17 +8,18 @@ export async function createPostgresConnection(config: PostgresConnectionConfig)
     throw new Error(hostValidation.error)
   }
 
-  const sslConfig =
+  const resolvedHost = hostValidation.resolvedIP ?? config.host
+
+  // `rejectUnauthorized: false` matches postgres.js's `'require'` string semantics; `servername` is set so SNI works with the pinned IP host.
+  const sslConfig: boolean | 'prefer' | { rejectUnauthorized: boolean; servername?: string } =
     config.ssl === 'disabled'
       ? false
-      : config.ssl === 'required'
-        ? 'require'
-        : config.ssl === 'preferred'
-          ? 'prefer'
-          : 'require'
+      : config.ssl === 'preferred'
+        ? 'prefer'
+        : { rejectUnauthorized: false, servername: config.host }
 
   const sql = postgres({
-    host: config.host,
+    host: resolvedHost,
     port: config.port,
     database: config.database,
     username: config.username,

apps/sim/app/api/tools/redis/execute/route.ts

@@ -36,7 +36,25 @@ export const POST = withRouteHandler(async (request: NextRequest) => {
       return NextResponse.json({ error: hostValidation.error }, { status: 400 })
     }
 
-    client = new Redis(url, {
+    const resolvedIP = hostValidation.resolvedIP ?? hostname
+    const tlsEnabled = parsedUrl.protocol === 'rediss:'
+    const port = parsedUrl.port ? Number(parsedUrl.port) : 6379
+    const username = parsedUrl.username ? decodeURIComponent(parsedUrl.username) : undefined
+    const password = parsedUrl.password ? decodeURIComponent(parsedUrl.password) : undefined
+    const dbIndex =
+      parsedUrl.pathname && parsedUrl.pathname.length > 1
+        ? Number.parseInt(parsedUrl.pathname.slice(1), 10)
+        : Number.NaN
+
+    // Pin to resolved IP to prevent DNS rebinding; for `rediss://`, pass original hostname as TLS servername.
+    client = new Redis({
+      host: resolvedIP,
+      port,
+      username,
+      password,
+      db: Number.isFinite(dbIndex) ? dbIndex : 0,
+      family: resolvedIP.includes(':') ? 6 : 4,
+      tls: tlsEnabled ? { servername: hostname } : undefined,
       connectTimeout: 10000,
       commandTimeout: 10000,
       maxRetriesPerRequest: 1,