openharmony/distributeddatamgr_relational_store
1
0
Fork 0
mirror of https://gitee.com/openharmony/distributeddatamgr_relational_store synced 2024-11-27 01:01:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

SQL语句匿名化

Browse Source 
Signed-off-by: bjd <baijidong@huawei.com>
This commit is contained in:
bjd 2024-11-19 14:14:07 +08:00
parent c2ee07e884
commit 58ec0135ae
5 changed files with 195 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
frameworks/native/rdb/src/rdb_store_impl.cpp
View File

@ -1023,7 +1023,7 @@ std::pair<int, int64_t> RdbStoreImpl::BatchInsert(const std::string &table, cons
auto [errCode, statement] = GetStatement(sql, connection);
if (statement == nullptr) {
LOG_ERROR("statement is nullptr, errCode:0x%{public}x, args:%{public}zu, table:%{public}s, sql:%{public}s",
errCode, bindArgs.size(), table.c_str(), sql.c_str());
errCode, bindArgs.size(), table.c_str(), SqliteUtils::AnonySql(sql).c_str());
return { E_OK, -1 };
}
for (const auto &args : bindArgs) {
@ -1034,7 +1034,7 @@ std::pair<int, int64_t> RdbStoreImpl::BatchInsert(const std::string &table, cons
}
if (errCode != E_OK) {
LOG_ERROR("failed, errCode:%{public}d,args:%{public}zu,table:%{public}s,sql:%{public}s", errCode,
bindArgs.size(), table.c_str(), sql.c_str());
bindArgs.size(), table.c_str(), SqliteUtils::AnonySql(sql).c_str());
return { E_OK, -1 };
}
}
@ -1173,7 +1173,7 @@ int RdbStoreImpl::ExecuteSql(const std::string &sql, const Values &args)
}
errCode = statement->Execute(args);
if (errCode != E_OK) {
LOG_ERROR("failed,error:0x%{public}x sql:%{public}s.", errCode, sql.c_str());
LOG_ERROR("failed,error:0x%{public}x sql:%{public}s.", errCode, SqliteUtils::AnonySql(sql).c_str());
if (errCode == E_SQLITE_LOCKED || errCode == E_SQLITE_BUSY) {
connectionPool_->Dump(true, "EXECUTE");
}
@ -1187,7 +1187,7 @@ int RdbStoreImpl::ExecuteSql(const std::string &sql, const Values &args)
statement = nullptr;
if (vSchema_ < static_cast<int64_t>(version)) {
LOG_INFO("db:%{public}s exe DDL schema<%{public}" PRIi64 "->%{public}" PRIi64 "> sql:%{public}s.",
SqliteUtils::Anonymous(name_).c_str(), vSchema_, static_cast<int64_t>(version), sql.c_str());
SqliteUtils::Anonymous(name_).c_str(), vSchema_, static_cast<int64_t>(version), SqliteUtils::AnonySql(sql).c_str());
vSchema_ = version;
errCode = connectionPool_->RestartReaders();
}
@ -1209,7 +1209,7 @@ std::pair<int32_t, ValueObject> RdbStoreImpl::Execute(const std::string &sql, co
SqlStatistic sqlStatistic("", SqlStatistic::Step::STEP_TOTAL);
int sqlType = SqliteUtils::GetSqlStatementType(sql);
if (!SqliteUtils::IsSupportSqlForExecute(sqlType)) {
LOG_ERROR("Not support the sqlType: %{public}d, sql: %{public}s", sqlType, sql.c_str());
LOG_ERROR("Not support the sqlType: %{public}d, sql: %{public}s", sqlType, SqliteUtils::AnonySql(sql).c_str());
return { E_NOT_SUPPORT_THE_SQL, object };
}
@ -1229,7 +1229,7 @@ std::pair<int32_t, ValueObject> RdbStoreImpl::Execute(const std::string &sql, co
errCode = statement->Execute(args);
if (errCode != E_OK) {
LOG_ERROR("failed,error:0x%{public}x sql:%{public}s.", errCode, sql.c_str());
LOG_ERROR("failed,error:0x%{public}x sql:%{public}s.", errCode, SqliteUtils::AnonySql(sql).c_str());
if (errCode == E_SQLITE_LOCKED || errCode == E_SQLITE_BUSY) {
connectionPool_->Dump(true, "EXECUTE");
}
@ -1263,7 +1263,7 @@ std::pair<int32_t, ValueObject> RdbStoreImpl::HandleDifferentSqlTypes(std::share
}
if (statement->GetColumnCount() > 1) {
LOG_ERROR("Not support the sql:%{public}s, column count more than 1", sql.c_str());
LOG_ERROR("Not support the sql:%{public}s, column count more than 1", SqliteUtils::AnonySql(sql).c_str());
return { E_NOT_SUPPORT_THE_SQL, object };
}
}
@ -1274,7 +1274,7 @@ std::pair<int32_t, ValueObject> RdbStoreImpl::HandleDifferentSqlTypes(std::share
auto [err, version] = statement->ExecuteForValue();
if (vSchema_ < static_cast<int64_t>(version)) {
LOG_INFO("db:%{public}s exe DDL schema<%{public}" PRIi64 "->%{public}" PRIi64 "> sql:%{public}s.",
SqliteUtils::Anonymous(name_).c_str(), vSchema_, static_cast<int64_t>(version), sql.c_str());
SqliteUtils::Anonymous(name_).c_str(), vSchema_, static_cast<int64_t>(version), SqliteUtils::AnonySql(sql).c_str());
vSchema_ = version;
errCode = connectionPool_->RestartReaders();
}
@ -1293,7 +1293,7 @@ int RdbStoreImpl::ExecuteAndGetLong(int64_t &outValue, const std::string &sql, c
}
auto [err, object] = statement->ExecuteForValue(args);
if (err != E_OK) {
LOG_ERROR("failed, sql %{public}s, ERROR is %{public}d.", sql.c_str(), err);
LOG_ERROR("failed, sql %{public}s, ERROR is %{public}d.", SqliteUtils::AnonySql(sql).c_str(), err);
}
outValue = object;
return err;
@ -1311,7 +1311,7 @@ int RdbStoreImpl::ExecuteAndGetString(std::string &outValue, const std::string &
ValueObject object;
std::tie(errCode, object) = statement->ExecuteForValue(args);
if (errCode != E_OK) {
LOG_ERROR("failed, sql %{public}s, ERROR is %{public}d.", sql.c_str(), errCode);
LOG_ERROR("failed, sql %{public}s, ERROR is %{public}d.", SqliteUtils::AnonySql(sql).c_str(), errCode);
}
outValue = static_cast<std::string>(object);
return errCode;

4
frameworks/native/rdb/src/sqlite_connection.cpp
View File

@ -456,7 +456,7 @@ std::pair<int, std::shared_ptr<Statement>> SqliteConnection::CreateStatement(
slaveStmt->config_ = &slaveConnection_->config_;
errCode = slaveStmt->Prepare(slaveConnection_->dbHandle_, sql);
if (errCode != E_OK) {
LOG_WARN("prepare slave stmt failed:%{public}d, sql:%{public}s", errCode, sql.c_str());
LOG_WARN("prepare slave stmt failed:%{public}d, sql:%{public}s", errCode, SqliteUtils::AnonySql(sql).c_str());
SqliteUtils::SetSlaveInvalid(config_.GetPath());
return { E_OK, statement };
}
@ -858,7 +858,7 @@ std::pair<int32_t, ValueObject> SqliteConnection::ExecuteForValue(const std::str
std::tie(errCode, object) = statement->ExecuteForValue(bindArgs);
if (errCode != E_OK) {
LOG_ERROR("execute sql failed, errCode:%{public}d, sql:%{public}s, args size:%{public}zu",
SQLiteError::ErrNo(errCode), sql.c_str(), bindArgs.size());
SQLiteError::ErrNo(errCode), SqliteUtils::AnonySql(sql).c_str(), bindArgs.size());
}
return { errCode, object };
}

238
frameworks/native/rdb/src/sqlite_utils.cpp
View File

@ -44,18 +44,12 @@ constexpr int32_t FILE_PATH_MINI_SIZE = 6;
constexpr int32_t AREA_MINI_SIZE = 4;
constexpr int32_t AREA_OFFSET_SIZE = 5;
constexpr int32_t PRE_OFFSET_SIZE = 1;
constexpr int32_t INSERT_INTO_VALUES_SIZE = 20;
constexpr int32_t INSERT_INTO_SIZE = 12;
constexpr int32_t UPDATE_SIZE = 6;
constexpr int32_t DELETE_FROM_SIZE = 11;
constexpr int32_t CREATE_DATABASE_SIZE = 15;
constexpr int32_t CREATE_TABLE_SIZE = 12;
constexpr int32_t DROP_TABLE_SIZE = 11;
constexpr int32_t DROP_DATABASE_SIZE = 13;
constexpr int32_t PRAGMA_SIZE = 6;
constexpr int32_t DROP_TABLE_IFEXITS_SIZE = 19;
constexpr int32_t DROP_DATABASE_IFEXITS_SIZE = 22;
constexpr int32_t ALTER_TABLE_SIZE = 11;
constexpr int32_t OTHER_SIZE = 6;
constexpr int32_t START_SIZE = 0;
@ -257,11 +251,6 @@ bool IsSpecialChar(char c)
{
return (c == ' ' || c == '.' || c == ',' || c == '!' || c == '?' || c == ':' || c == '(' || c == ')' || c == ';');
}
std::string ReplaceMultipleSpaces(const std::string &str)
{
std::string result = StringUtils::Trim(str);
return std::regex_replace(result, std::regex(" +"), " ");
}
std::vector<std::string> SplitString(const std::string &input)
{
@ -284,125 +273,202 @@ std::vector<std::string> SplitString(const std::string &input)
return result;
}
std::string ProcessSensitiveString(const std::string &input)
std::string ReplaceMultipleSpaces(const std::string &str)
{
std::string result = str;
if (result.empty()) {
return result;
}
result.erase(0, result.find_first_not_of(" "));
result.erase(result.find_last_not_of(" ") + 1);
return std::regex_replace(result, std::regex(" +"), " ");
}
std::string ProcessString(const std::string &input)
{
std::vector<std::string> words = SplitString(input);
std::string result;
for (const std::string &word : words) {
std::string processedWord;
if (word.size() <= 2) {
processedWord = word;
std::transform(processedWord.begin(), processedWord.end(), processedWord.begin(), [](char c) {
if (std::isdigit(c)) {
return '*';
} else {
return c;
}
});
if (word.size() == 2) {
processedWord[0] = '*';
}
std::string processedWord = word;
if (word.size() == 1 && std::isdigit(word[0])) {
processedWord[0] = '*';
} else if (word.size() >= 2 && word.size() <= 4) {
processedWord[0] = '*';
} else {
processedWord = word;
std::transform(processedWord.begin(), processedWord.end(), processedWord.begin(), [](char c) {
if (std::isdigit(c)) {
return '*';
} else {
return c;
}
});
int halfLength = processedWord.size() / 2;
for (int i = halfLength / 2; i <= (halfLength / 2) * 3; i++) {
int length = processedWord.length() - 3;
for (int i = 0; i < length; i++) {
processedWord[i] = '*';
}
}
result += processedWord;
}
return result;
}
std::string ProcessFront(std::string str)
{
size_t lastSpacePos;
if (!str.empty() && str.back() == ' ') {
str = str.substr(0, str.length() - 1);
}
lastSpacePos = str.find_last_of(' ');
if (lastSpacePos != std::string::npos) {
str.replace(lastSpacePos + 1, str.length() - lastSpacePos,
ProcessString(str.substr(lastSpacePos + 1, str.length() - lastSpacePos)));
}
return str;
}
std::string ProcessBack(std::string str)
{
std::vector<std::string> tokens;
std::string delimiter = ",";
size_t pos = 0;
while ((pos = str.find(delimiter)) != std::string::npos) {
std::string token = str.substr(0, pos);
tokens.push_back(token);
str.erase(0, pos + delimiter.length());
}
tokens.push_back(str);
std::string result;
for (const auto &token : tokens) {
std::string repToken = ReplaceMultipleSpaces(token);
size_t spacePos = repToken.find(' ');
if (spacePos != std::string::npos) {
std::string replacedToken = ProcessString(repToken.substr(0, spacePos)) + repToken.substr(spacePos);
if (!result.empty()) {
result += ", ";
}
result += replacedToken;
}
}
return result;
}
std::string MaskedCreateSql(std::string sql)
{
auto pre = sql.find("(");
auto end = sql.rfind(")");
auto front = sql.substr(0, pre);
auto back = sql.substr(pre, end - pre);
front = ProcessFront(front);
back = ProcessBack(back);
return front + " " + back + ")";
}
std::string SqliteUtils::AnonySql(const std::string &sql)
{
std::regex SELECT_REGEX("SELECT\\s+(.*)\\s+FROM\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex INSERT_REGEX("INSERT\\s+INTO\\s+(.*)\\s+VALUES\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex UPDATE_REGEX("UPDATE\\s+([^\\s]+)", std::regex_constants::icase);
std::regex DELETE_REGEX("DELETE\\s+FROM\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex CREATE_DATABASE_REGEX("CREATE\\s+DATABASE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex CREATE_TABLE_REGEX("CREATE\\s+TABLE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex DROP_TABLE_REGAX("DROP\\s+TABLE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex DROP_DATABASE_REGEX("DROP\\s+DATABASE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex PRAGMA_REGEX("PRAGMA\\s+(.*)", std::regex_constants::icase);
std::regex DROP_TABLE_IF_EXITS_REGEX("DROP\\s+TABLE\\s+IF\\s+EXISTS\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex DROP_DATABASE_IF_EXITS_REGEX(
std::regex REGEX_SELECT("SELECT\\s+(.*)\\s+FROM\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_INSERT("INSERT\\s+INTO\\s+(.*)\\s+VALUES\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_UPDATE("UPDATE\\s+(.*)\\s+SET\\s+(.*)\\s+WHERE\\s+([^\\s]+)", std::regex_constants::icase);
std::regex REGEX_DELETE("DELETE\\s+FROM\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_CREATE_DATABASE("CREATE\\s+DATABASE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_CREATE_TABLE("CREATE\\s+TABLE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGAX_DROP_TABLE("DROP\\s+TABLE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_DROP_DATABASE("DROP\\s+DATABASE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_PRAGMA("PRAGMA\\s+(.*)", std::regex_constants::icase);
std::regex REGEX_DROP_TABLE_IF_EXITS("DROP\\s+TABLE\\s+IF\\s+EXISTS\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_DROP_DATABASE_IF_EXITS(
"DROP\\s+DATABASE\\s+IF\\s+EXISTS\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex ALTER_TABLE_REGEX("ALTER\\s+TABLE\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_ALTER_TABLE_DROP(
"ALTER\\s+TABLE\\s+(.*)\\s+DROP COLUMN\\s+([^\\s;]+)", std::regex_constants::icase);
std::regex REGEX_ALTER_TABLE_ADD("ALTER\\s+TABLE\\s+(.*)\\s+ADD COLUMN\\s+([^\\s;]+)", std::regex_constants::icase);
std::string replaceSql = ReplaceMultipleSpaces(sql);
std::smatch match;
if (std::regex_search(replaceSql, match, SELECT_REGEX)) {
if (std::regex_search(replaceSql, match, REGEX_SELECT)) {
std::string columns = match[1].str();
std::string table = match[2].str();
std::string MaskedSql = std::regex_replace(
replaceSql, SELECT_REGEX, "SELECT " + ProcessSensitiveString(columns) + " FROM " + ProcessSensitiveString(table));
std::regex WHERE_REGEX("WHERE\\s+(.*)", std::regex_constants::icase);
std::smatch WHERE_MATCH;
if (std::regex_search(MaskedSql, WHERE_MATCH, WHERE_REGEX)) {
std::string whereClause = WHERE_MATCH[1].str();
MaskedSql = std::regex_replace(MaskedSql, WHERE_REGEX, "WHERE " + ProcessSensitiveString(whereClause));
replaceSql, REGEX_SELECT, "SELECT " + ProcessString(columns) + " FROM " + ProcessString(table));
std::regex where_regex("WHERE\\s+(.*)", std::regex_constants::icase);
std::smatch where_match;
if (std::regex_search(MaskedSql, where_match, where_regex)) {
std::string whereClause = where_match[1].str();
MaskedSql = std::regex_replace(MaskedSql, where_regex, "WHERE " + ProcessString(whereClause));
}
return MaskedSql;
} else if (std::regex_search(replaceSql, match, INSERT_REGEX)) {
} else if (std::regex_search(replaceSql, match, REGEX_INSERT)) {
std::string columns = match[1].str();
std::string MaskedSql = "INSERT INTO " + ProcessSensitiveString(replaceSql.substr(INSERT_INTO_SIZE, columns.length())) +
" VALUES " +
ProcessSensitiveString(replaceSql.substr(INSERT_INTO_VALUES_SIZE + columns.length()));
std::string MaskedSql = "INSERT INTO " + ProcessString(replaceSql.substr(12, columns.length())) + " VALUES " +
ProcessString(replaceSql.substr(20 + columns.length()));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, UPDATE_REGEX)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, UPDATE_SIZE) + ProcessSensitiveString(replaceSql.substr(UPDATE_SIZE));
} else if (std::regex_search(replaceSql, match, REGEX_UPDATE)) {
std::string columns = match[1].str();
std::string table = match[2].str();
std::string table2 = match[3].str();
std::string MaskedSql = "UPDATE " + ProcessString(columns) + " SET " + ProcessString(table) + " WHERE " +
ProcessString(replaceSql.substr(19 + columns.length() + table.length()));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, DELETE_REGEX)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, DELETE_FROM_SIZE) + ProcessSensitiveString(replaceSql.substr(DELETE_FROM_SIZE));
} else if (std::regex_search(replaceSql, match, REGEX_DELETE)) {
std::string table = match[1].str();
std::string MaskedTable = ProcessString(table);
std::string MaskedSql = std::regex_replace(replaceSql, REGEX_DELETE, "DELETE FROM " + MaskedTable);
std::regex where_regex("WHERE\\s+(.*)", std::regex_constants::icase);
std::smatch where_match;
if (std::regex_search(MaskedSql, where_match, where_regex)) {
std::string whereClause = where_match[1].str();
std::string maskedWhere = ProcessString(whereClause);
MaskedSql = std::regex_replace(MaskedSql, where_regex, "WHERE " + maskedWhere);
}
return MaskedSql;
} else if (std::regex_search(replaceSql, match, CREATE_DATABASE_REGEX)) {
} else if (std::regex_search(replaceSql, match, REGEX_CREATE_DATABASE)) {
std::string MaskedSql = replaceSql.substr(START_SIZE, CREATE_DATABASE_SIZE) +
ProcessSensitiveString(replaceSql.substr(CREATE_DATABASE_SIZE));
ProcessString(replaceSql.substr(CREATE_DATABASE_SIZE));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, CREATE_TABLE_REGEX)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, CREATE_TABLE_SIZE) + ProcessSensitiveString(replaceSql.substr(CREATE_TABLE_SIZE));
} else if (std::regex_search(replaceSql, match, REGEX_CREATE_TABLE)) {
std::string MaskedSql = MaskedCreateSql(replaceSql);
return MaskedSql;
} else if (std::regex_search(replaceSql, match, DROP_TABLE_IF_EXITS_REGEX)) {
} else if (std::regex_search(replaceSql, match, REGEX_DROP_TABLE_IF_EXITS)) {
std::string MaskedSql = replaceSql.substr(START_SIZE, DROP_TABLE_IFEXITS_SIZE) +
ProcessSensitiveString(replaceSql.substr(DROP_TABLE_IFEXITS_SIZE));
ProcessString(replaceSql.substr(DROP_TABLE_IFEXITS_SIZE));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, DROP_DATABASE_IF_EXITS_REGEX)) {
} else if (std::regex_search(replaceSql, match, REGEX_DROP_DATABASE_IF_EXITS)) {
std::string MaskedSql = replaceSql.substr(START_SIZE, DROP_DATABASE_IFEXITS_SIZE) +
ProcessSensitiveString(replaceSql.substr(DROP_DATABASE_IFEXITS_SIZE));
ProcessString(replaceSql.substr(DROP_DATABASE_IFEXITS_SIZE));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, DROP_TABLE_REGAX)) {
} else if (std::regex_search(replaceSql, match, REGAX_DROP_TABLE)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, DROP_TABLE_SIZE) + ProcessSensitiveString(replaceSql.substr(DROP_TABLE_SIZE));
replaceSql.substr(START_SIZE, DROP_TABLE_SIZE) + ProcessString(replaceSql.substr(DROP_TABLE_SIZE));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, DROP_DATABASE_REGEX)) {
} else if (std::regex_search(replaceSql, match, REGEX_DROP_DATABASE)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, DROP_DATABASE_SIZE) + ProcessSensitiveString(replaceSql.substr(DROP_DATABASE_SIZE));
replaceSql.substr(START_SIZE, DROP_DATABASE_SIZE) + ProcessString(replaceSql.substr(DROP_DATABASE_SIZE));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, ALTER_TABLE_REGEX)) {
} else if (std::regex_search(replaceSql, match, REGEX_PRAGMA)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, ALTER_TABLE_SIZE) + ProcessSensitiveString(replaceSql.substr(ALTER_TABLE_SIZE));
replaceSql.substr(START_SIZE, PRAGMA_SIZE) + ProcessString(replaceSql.substr(PRAGMA_SIZE));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, PRAGMA_REGEX)) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, PRAGMA_SIZE) + ProcessSensitiveString(replaceSql.substr(PRAGMA_SIZE));
} else if (std::regex_search(replaceSql, match, REGEX_ALTER_TABLE_DROP)) {
std::string columns = match[1].str();
std::string table = match[2].str();
std::string MaskedSql = std::regex_replace(replaceSql, REGEX_ALTER_TABLE_DROP,
"ALTER TABLE " + ProcessString(columns) + " DROP COLUMN " + ProcessString(table));
return MaskedSql;
} else if (std::regex_search(replaceSql, match, REGEX_ALTER_TABLE_ADD)) {
std::string columns = match[1].str();
std::string table = match[2].str();
std::string MaskedSql = std::regex_replace(replaceSql, REGEX_ALTER_TABLE_ADD,
"ALTER TABLE " + ProcessString(columns) + " ADD COLUMN " + ProcessString(table));
return MaskedSql;
}
std::string MaskedSql = replaceSql.substr(START_SIZE, OTHER_SIZE) + ProcessSensitiveString(replaceSql.substr(OTHER_SIZE));
return MaskedSql;
if (replaceSql.length() > OTHER_SIZE) {
std::string MaskedSql =
replaceSql.substr(START_SIZE, OTHER_SIZE) + ProcessString(replaceSql.substr(OTHER_SIZE));
return MaskedSql;
}
return sql;
}
ssize_t SqliteUtils::GetFileSize(const std::string &fileName)

6
frameworks/native/rdb/src/trans_db.cpp
View File

@ -196,7 +196,7 @@ std::pair<int32_t, ValueObject> TransDB::Execute(const std::string &sql, const V
ValueObject object;
int sqlType = SqliteUtils::GetSqlStatementType(sql);
if (!SqliteUtils::IsSupportSqlForExecute(sqlType) && !SqliteUtils::IsSpecial(sqlType)) {
LOG_ERROR("Not support the sql:%{public}s", sql.c_str());
LOG_ERROR("Not support the sql:%{public}s", SqliteUtils::AnonySql(sql).c_str());
return { E_INVALID_ARGS, object };
}
@ -207,7 +207,7 @@ std::pair<int32_t, ValueObject> TransDB::Execute(const std::string &sql, const V
errCode = statement->Execute(args);
if (errCode != E_OK) {
LOG_ERROR("failed,sql:%{public}s, error:0x%{public}x.", sql.c_str(), errCode);
LOG_ERROR("failed,sql:%{public}s, error:0x%{public}x.", SqliteUtils::AnonySql(sql).c_str(), errCode);
return { errCode, object };
}
@ -233,7 +233,7 @@ std::pair<int32_t, ValueObject> TransDB::Execute(const std::string &sql, const V
auto [err, version] = statement->ExecuteForValue();
if (vSchema_ < static_cast<int64_t>(version)) {
LOG_INFO("db:%{public}s exe DDL schema<%{public}" PRIi64 "->%{public}" PRIi64 "> sql:%{public}s.",
SqliteUtils::Anonymous(name_).c_str(), vSchema_, static_cast<int64_t>(version), sql.c_str());
SqliteUtils::Anonymous(name_).c_str(), vSchema_, static_cast<int64_t>(version), SqliteUtils::AnonySql(sql).c_str());
vSchema_ = version;
}
}

50
test/native/rdb/unittest/sqlite_utils_test.cpp
View File

@ -164,100 +164,106 @@ HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0023, TestSize.Level1)
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0024, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("select value1, value2 from bigint_table WHERE case = 1."),
"SELECT v***e*, v***e* FROM big*******le WHERE c*** = *.");
EXPECT_EQ(SqliteUtils::AnonySql("select value1, value2 from table WHERE case = 1."),
"SELECT ***ue1, ***ue2 FROM **ble WHERE *ase = *.");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0025, TestSize.Level1)
{
EXPECT_EQ(
SqliteUtils::AnonySql("select value1, value2 from bigint_table."), "SELECT v***e*, v***e* FROM big*******le.");
SqliteUtils::AnonySql("select value1, value2 from table."), "SELECT ***ue1, ***ue2 FROM **ble.");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0026, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("SELECT * FROM test."), "SELECT * FROM t***.");
EXPECT_EQ(SqliteUtils::AnonySql("SELECT * FROM test."), "SELECT * FROM *est.");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0027, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("INSERT INTO test (data1, data2, data3, data4) VALUES (?, ?, ?, ?);"),
"INSERT INTO t*** (d****, d****, d****, d****) VALUES (?, ?, ?, ?);");
"INSERT INTO *est (**ta1, **ta2, **ta3, **ta4) VALUES (?, ?, ?, ?);");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0028, TestSize.Level1)
{
EXPECT_EQ(
SqliteUtils::AnonySql("UPDATE test SET age = 18 WHERE id = 1."), "UPDATE t*** *ET *ge = ** W***E *d = *.");
SqliteUtils::AnonySql("UPDATE test SET age = 8 WHERE id = 1."), "UPDATE *est SET *ge = * WHERE *d = *.");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0029, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("DELETE FROM test;"), "DELETE FROM t***;");
EXPECT_EQ(SqliteUtils::AnonySql("DELETE FROM test;"), "DELETE FROM *est;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0030, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("DELETE FROM test WHERE time = 30;"), "DELETE FROM t*** W***E t*** = **;");
EXPECT_EQ(SqliteUtils::AnonySql("DELETE FROM test WHERE time = 3;"), "DELETE FROM *est WHERE *ime = *;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0031, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("CREATE DATABASE DBtest.db;"), "CREATE DATABASE D***st.*b;");
EXPECT_EQ(SqliteUtils::AnonySql("CREATE DATABASE DBtest.db;"), "CREATE DATABASE ***est.*b;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0032, TestSize.Level1)
{
EXPECT_EQ(
SqliteUtils::AnonySql(
"CREATE TABLE IF NOT EXISTS TEST (id INT PRIMARY KEY, name TEXT, extend BLOB, code REAL, years UNLIMITED INT, attachment ASSET, attachments ASSETS)."),
"CREATE TABLE *F *OT E***TS T*** (*d *NT P***ARY *EY, n*** T***, e***nd B***, c*** R***, y***s UN*****ED *NT, at*****ent A***T, at*****ents A***TS).");
"CREATE TABLE IF NOT EXISTS TEST (id INT PRIMARY KEY, name TEXT, extend BLOB, code REAL, years UNLIMITED INT, ment ASSET, ments ASSETS)."),
"CREATE TABLE IF NOT EXISTS *EST (*d INT PRIMARY KEY, *ame TEXT, ***end BLOB, *ode REAL, **ars UNLIMITED INT, *ent ASSET, **nts ASSETS)");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0033, TestSize.Level1)
{
EXPECT_EQ(
SqliteUtils::AnonySql(
"CREATE TABLE TEST (id INT PRIMARY KEY, name TEXT, extend BLOB, code REAL, years UNLIMITED INT, attachment ASSET, attachments ASSETS)."),
"CREATE TABLE T*** (*d *NT P***ARY *EY, n*** T***, e***nd B***, c*** R***, y***s UN*****ED *NT, at*****ent A***T, at*****ents A***TS).");
"CREATE TABLE TEST (id INT PRIMARY KEY, name TEXT, extend BLOB, code REAL, years UNLIMITED INT, ment ASSET, ments ASSETS)."),
"CREATE TABLE *EST (*d INT PRIMARY KEY, *ame TEXT, ***end BLOB, *ode REAL, **ars UNLIMITED INT, *ent ASSET, **nts ASSETS)");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0034, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("DROP TABLE IF EXISTS bigint_table;"), "DROP TABLE IF EXISTS big*******le;");
EXPECT_EQ(SqliteUtils::AnonySql("DROP TABLE IF EXISTS table1;"), "DROP TABLE IF EXISTS ***le1;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0035, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("DROP TABLE bigint_table;"), "DROP TABLE big*******le;");
EXPECT_EQ(SqliteUtils::AnonySql("DROP TABLE table;"), "DROP TABLE **ble;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0036, TestSize.Level1)
{
EXPECT_EQ(
SqliteUtils::AnonySql("DROP DATABASE IF EXISTS database_name;"), "DROP DATABASE IF EXISTS dat*******ame;");
SqliteUtils::AnonySql("DROP DATABASE IF EXISTS name1;"), "DROP DATABASE IF EXISTS **me1;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0037, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("DROP DATABASE database_name;"), "DROP DATABASE dat*******ame;");
EXPECT_EQ(SqliteUtils::AnonySql("DROP DATABASE name2;"), "DROP DATABASE **me2;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0038, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("PRAGMA user_version = 3"), "PRAGMA use*******on = *");
EXPECT_EQ(SqliteUtils::AnonySql("PRAGMA version = 3"), "PRAGMA ****ion = *");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0039, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("ALTER TABLE test ADD COLUMN address TEXT;"),
"ALTER TABLE t*** *DD C***MN a***ess T***;");
EXPECT_EQ(SqliteUtils::AnonySql("ALTER TABLE test ADD COLUMN name TEXT;"),
"ALTER TABLE *est ADD COLUMN *ame TEXT;");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0040, TestSize.Level1)
{
EXPECT_EQ(
SqliteUtils::AnonySql(
"CREATE TABLE TEST (id INT PRIMARY KEY, name TEXT, extend BLOB, code REAL, years UNLIMITED INT, attachment ASSET, attachments ASSETS)."),
"CREATE TABLE T*** (*d *NT P***ARY *EY, n*** T***, e***nd B***, c*** R***, y***s UN*****ED *NT, at*****ent A***T, at*****ents A***TS).");
"CREATE TABLE TEST (id INT PRIMARY KEY, name TEXT, extend BLOB, code REAL, years UNLIMITED INT, ment ASSET, ments ASSETS)."),
"CREATE TABLE *EST (*d INT PRIMARY KEY, *ame TEXT, ***end BLOB, *ode REAL, **ars UNLIMITED INT, *ent ASSET, **nts ASSETS)");
}
HWTEST_F(SqliteUtilsTest, SqliteUtils_Test_0041, TestSize.Level1)
{
EXPECT_EQ(SqliteUtils::AnonySql("ALTER TABLE table DROP COLUMN column;"),
"ALTER TABLE **ble DROP COLUMN ***umn;");
}