hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1346: make value comparisons case-insensitive

Browse Source 
All values for columns, function and function_usage rules should be
compared in a case-insensitive way.
This commit is contained in:
Markus Mäkelä
2017-09-07 11:51:20 +03:00
parent 40582c38fb
commit a08179afcb
2 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
server/modules/filter/dbfwfilter/rules.cc
View File

@ -156,6 +156,7 @@ bool ColumnsRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg)
for (size_t i = 0; !rval && i < n_infos; ++i) for (size_t i = 0; !rval && i < n_infos; ++i)
{ {
std::string tok = infos[i].column; std::string tok = infos[i].column;
std::transform(tok.begin(), tok.end(), tok.begin(), ::tolower);
ValueList::const_iterator it = std::find(m_values.begin(), m_values.end(), tok); ValueList::const_iterator it = std::find(m_values.begin(), m_values.end(), tok);
if (it != m_values.end()) if (it != m_values.end())
@ -192,6 +193,7 @@ bool FunctionRule::matches_query(DbfwSession* session, GWBUF* buffer, char** msg
for (size_t i = 0; i < n_infos; ++i) for (size_t i = 0; i < n_infos; ++i)
{ {
std::string tok = infos[i].name; std::string tok = infos[i].name;
std::transform(tok.begin(), tok.end(), tok.begin(), ::tolower);
ValueList::const_iterator it = std::find(m_values.begin(), m_values.end(), tok); ValueList::const_iterator it = std::find(m_values.begin(), m_values.end(), tok);
if (it != m_values.end()) if (it != m_values.end())
@ -223,6 +225,7 @@ bool FunctionUsageRule::matches_query(DbfwSession* session, GWBUF* buffer, char*
for (size_t j = 0; j < infos[i].n_fields; j++) for (size_t j = 0; j < infos[i].n_fields; j++)
{ {
std::string tok = infos[i].fields[j].column; std::string tok = infos[i].fields[j].column;
std::transform(tok.begin(), tok.end(), tok.begin(), ::tolower);
ValueList::const_iterator it = std::find(m_values.begin(), m_values.end(), tok); ValueList::const_iterator it = std::find(m_values.begin(), m_values.end(), tok);
if (it != m_values.end()) if (it != m_values.end())
@ -249,9 +252,12 @@ bool ColumnFunctionRule::matches_query(DbfwSession* session, GWBUF* buffer, char
for (size_t i = 0; i < n_infos; ++i) for (size_t i = 0; i < n_infos; ++i)
{ {
std::string func = infos[i].name;
std::transform(func.begin(), func.end(), func.begin(), ::tolower);
ValueList::const_iterator func_it = std::find(m_values.begin(), ValueList::const_iterator func_it = std::find(m_values.begin(),
m_values.end(), m_values.end(),
infos[i].name); func);
if (func_it != m_values.end()) if (func_it != m_values.end())
{ {
@ -259,16 +265,18 @@ bool ColumnFunctionRule::matches_query(DbfwSession* session, GWBUF* buffer, char
for (size_t j = 0; j < infos[i].n_fields; j++) for (size_t j = 0; j < infos[i].n_fields; j++)
{ {
std::string col = infos[i].fields[j].column;
std::transform(col.begin(), col.end(), col.begin(), ::tolower);
ValueList::const_iterator col_it = std::find(m_columns.begin(), ValueList::const_iterator col_it = std::find(m_columns.begin(),
m_columns.end(), m_columns.end(),
infos[i].fields[j].column); col);
if (col_it != m_columns.end()) if (col_it != m_columns.end())
{ {
MXS_NOTICE("rule '%s': query uses function '%s' with forbidden column: %s", MXS_NOTICE("rule '%s': query uses function '%s' with forbidden column: %s",
name().c_str(), func_it->c_str(), col_it->c_str()); name().c_str(), col.c_str(), func.c_str());
*msg = create_error("Permission denied to column '%s' with function '%s'.", *msg = create_error("Permission denied to column '%s' with function '%s'.",
col_it->c_str(), func_it->c_str()); col.c_str(), func.c_str());
return true; return true;
} }
} }

8
server/modules/filter/dbfwfilter/rules.hh
View File

@ -14,6 +14,8 @@
#include "dbfwfilter.hh" #include "dbfwfilter.hh"
#include <algorithm>
#include <maxscale/pcre2.hh> #include <maxscale/pcre2.hh>
/** /**
@ -103,6 +105,11 @@ public:
}; };
static void make_lower(std::string& value)
{
std::transform(value.begin(), value.end(), value.begin(), ::tolower);
}
class ValueListRule: public Rule class ValueListRule: public Rule
{ {
ValueListRule(const ValueListRule&); ValueListRule(const ValueListRule&);
@ -119,6 +126,7 @@ protected:
Rule(name, type), Rule(name, type),
m_values(values) m_values(values)
{ {
std::for_each(m_values.begin(), m_values.end(), make_lower);
} }
ValueList m_values; ValueList m_values;