diff --git a/src/common/backend/utils/error/elog.cpp b/src/common/backend/utils/error/elog.cpp index 45e9d607f80ae5ef400b2582f12ec0fdc2dbe749..36aba151d9e7a07a95397d062acb9db79748d899 100644 --- a/src/common/backend/utils/error/elog.cpp +++ b/src/common/backend/utils/error/elog.cpp @@ -161,7 +161,6 @@ static void setup_formatted_log_time(void); static void setup_formatted_start_time(void); extern void send_only_message_to_frontend(const char* message, bool is_putline); static char* mask_Password_internal(const char* query_string); -static char* mask_error_password(const char* query_string, int str_len); static void truncate_identified_by(char* query_string, int query_len); static char* mask_execute_direct_cmd(const char* query_string); static bool is_execute_cmd(const char* query_string); @@ -3021,7 +3020,11 @@ static void send_message_to_server_log(ErrorData* edata) char* randomPlanInfo = NULL; char* mask_string = NULL; mask_string = maskPassword(t_thrd.postgres_cxt.debug_query_string); - if (edata->sqlerrcode == ERRCODE_SYNTAX_ERROR) { + /* + * For B-compatible database with dolphin, there're some scenarios that + * maskPassword couldn't cover. + */ + if (edata->sqlerrcode == ERRCODE_SYNTAX_ERROR || u_sess->attr.attr_sql.dolphin) { if (mask_string != NULL) { truncate_identified_by(mask_string, strlen(mask_string)); } else { @@ -4016,6 +4019,8 @@ static char* mask_word(char* query_string, int query_len, const char* word, int char* lower_string = (char*)palloc0(query_len + 1); rc = memcpy_s(lower_string, query_len, query_string, query_len); securec_check(rc, "\0", "\0"); + bool truncate = false; + int set_password_len = 0; tolower_func(lower_string); @@ -4037,16 +4042,30 @@ static char* mask_word(char* query_string, int query_len, const char* word, int } token_len++; } + + /* set password for user=password */ + if (strncmp(token_ptr, "for", token_len) == 0) { + token_ptr += token_len; + set_password_len = token_len + 1; + for (int i = 0; i < query_len - head_len - token_len; i++) { + if (token_ptr[i] == '=') { + truncate = true; + break; + } + set_password_len++; + } + } tail_ptr = token_ptr + token_len; tail_len = query_len - head_len - token_len; - rc = memcpy_s(mask_string, query_len + mask_len + 1, query_string, head_len); + rc = memcpy_s(mask_string, query_len + mask_len + 1, query_string, head_len + set_password_len); securec_check(rc, "\0", "\0"); - rc = memset_s(mask_string + head_len, query_len + mask_len + 1 - head_len, '*', mask_len); + rc = memset_s(mask_string + head_len + set_password_len, query_len + mask_len + 1 - head_len - set_password_len, + '*', mask_len); securec_check(rc, "\0", "\0"); - bool is_identified_by = ((strstr(word, " identified by ") == NULL) ? false : true); - if (is_identified_by) { - mask_string[head_len + mask_len] = '\0'; + truncate = truncate || ((strstr(word, " identified by ") == NULL) ? false : true); + if (truncate) { + mask_string[head_len + mask_len + set_password_len] = '\0'; } else { rc = memcpy_s(mask_string + head_len + mask_len, query_len + 1 - head_len, tail_ptr, tail_len); securec_check(rc, "\0", "\0"); @@ -4091,7 +4110,7 @@ static void truncate_identified_by(char* query_string, int query_len) pfree_ext(lower_string); } -static char* mask_error_password(const char* query_string, int str_len) +char* mask_error_password(const char* query_string, int str_len) { char* mask_string = NULL; errno_t rc = EOK; @@ -4664,7 +4683,7 @@ static char* mask_Password_internal(const char* query_string) idx = 0; break; case REPLACE: - isPassword = (curStmtType == 3 || curStmtType == 4 || curStmtType == 17); + isPassword = (curStmtType == 3 || curStmtType == 4); if (isPassword) idx = 0; break; diff --git a/src/gausskernel/cbb/instruments/utils/unique_query.cpp b/src/gausskernel/cbb/instruments/utils/unique_query.cpp index 93cfb54ddf972e6f5b897404806444f719e1930c..d2cd9ffb682530d1c87cd89817da3ab180e6069d 100755 --- a/src/gausskernel/cbb/instruments/utils/unique_query.cpp +++ b/src/gausskernel/cbb/instruments/utils/unique_query.cpp @@ -942,6 +942,7 @@ void UniqueSql::fill_in_constant_lengths(pgssJumbleState* jstate, const char* qu /* initialize the flex scanner --- should match raw_parser() */ yyscanner = scanner_init(query, &yyextra, &ScanKeywords, ScanKeywordTokens); + void* coreYYlex = u_sess->hook_cxt.coreYYlexHook ? u_sess->hook_cxt.coreYYlexHook : (void*)core_yylex; /* Search for each constant, in sequence */ for (i = 0; i < jstate->clocations_count; i++) { int loc = locs[i].location; @@ -954,7 +955,7 @@ void UniqueSql::fill_in_constant_lengths(pgssJumbleState* jstate, const char* qu } /* Lex tokens until we find the desired constant */ for (;;) { - tok = core_yylex(&yylval, &yylloc, yyscanner); + tok = ((coreYYlexFunc)coreYYlex)(&yylval, &yylloc, yyscanner); /* We should not hit end-of-string, but if we do, behave sanely */ if (tok == 0) { break; /* out of inner for-loop */ @@ -977,7 +978,7 @@ void UniqueSql::fill_in_constant_lengths(pgssJumbleState* jstate, const char* qu * where bar = 1" and "select * from foo where bar = -2" * will have identical normalized query strings. */ - tok = core_yylex(&yylval, &yylloc, yyscanner); + tok = ((coreYYlexFunc)coreYYlex)(&yylval, &yylloc, yyscanner); if (tok == 0) { break; /* out of inner for-loop */ } diff --git a/src/gausskernel/process/tcop/auditfuncs.cpp b/src/gausskernel/process/tcop/auditfuncs.cpp index 4d62d6d9c518da402e6bcdb50c5acd58574234f6..e4d5e1b880dd2d98beaac7a1af4f9c4cd4e949fc 100644 --- a/src/gausskernel/process/tcop/auditfuncs.cpp +++ b/src/gausskernel/process/tcop/auditfuncs.cpp @@ -373,7 +373,11 @@ static void pgaudit_ddl_database_object( Assert(cmdtext != NULL); char* mask_string = maskPassword(cmdtext); if (mask_string == NULL) { - mask_string = (char*)cmdtext; + if (u_sess->attr.attr_sql.dolphin) { + mask_string = mask_error_password(cmdtext, strlen(cmdtext)); + } else { + mask_string = (char*)cmdtext; + } } switch (audit_type) { diff --git a/src/include/knl/knl_session.h b/src/include/knl/knl_session.h index e5f01ff381fb3a74ed0bb6f634858a8454c93267..0fc72193c5779c8b0beca356149a393f524b272e 100644 --- a/src/include/knl/knl_session.h +++ b/src/include/knl/knl_session.h @@ -2736,6 +2736,7 @@ typedef struct knl_u_hook_context { void *pluginSearchCatHook; void *pluginCCHashEqFuncs; void *plpgsqlParserSetHook; + void *coreYYlexHook; } knl_u_hook_context; typedef struct knl_u_libsw_context { diff --git a/src/include/parser/scanner.h b/src/include/parser/scanner.h index 9152143e96294dfcb62cfa458374d7c51395fca9..1ab1f419c5bbc2d1ad4de68460719072dea2a13e 100644 --- a/src/include/parser/scanner.h +++ b/src/include/parser/scanner.h @@ -162,5 +162,7 @@ extern int scanner_errposition(int location, core_yyscan_t yyscanner); extern void scanner_yyerror(const char* message, core_yyscan_t yyscanner); extern void addErrorList(const char* message, int lines); +typedef int (*coreYYlexFunc)(core_YYSTYPE* lvalp, YYLTYPE* llocp, core_yyscan_t yyscanner); + #endif /* SCANNER_H */ diff --git a/src/include/utils/elog.h b/src/include/utils/elog.h index 638fdd0112715a5309c7fb32d80b0500cdcc3dad..89958215671c345ccfe78c67190baf31dcab96eb 100644 --- a/src/include/utils/elog.h +++ b/src/include/utils/elog.h @@ -158,6 +158,7 @@ extern int errcode_for_socket_access(void); extern int errmodule(ModuleId id); extern const char* mask_encrypted_key(const char* query_string, int str_len); extern char* maskPassword(const char* query_string); +extern char* mask_error_password(const char* query_string, int str_len); #define MASK_PASSWORD_START(mask_string, query_string) \ do { \ diff --git a/src/test/subscription/pubsub.py b/src/test/subscription/pubsub.py index 37e2903543f7b67638665e8feead490013315d85..1f7ee145c3b2dc5388aa7a22788ecc0256bca3c6 100644 --- a/src/test/subscription/pubsub.py +++ b/src/test/subscription/pubsub.py @@ -93,7 +93,7 @@ class Pterodb(): def __modify_conf_port(self, conf_file, port): file_handler = open(conf_file,"a") - string = "port = " + str(port) + "\n" + string = "\n" + "port = " + str(port) + "\n" file_handler.write(string) file_handler.close()