hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Handle prepared named statements in firewall filter

Browse Source 
Binary prepared statements need to be addressed separately.
This commit is contained in:
Johan Wikman
2017-01-17 14:56:13 +02:00
parent 338c625b9a
commit f7892843b5
1 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
server/modules/filter/dbfwfilter/dbfwfilter.c
View File

@ -2350,11 +2350,10 @@ routeQuery(MXS_FILTER *instance, MXS_FILTER_SESSION *session, GWBUF *queue)
rval = dcb->func.write(dcb, err); rval = dcb->func.write(dcb, err);
} }
else if (qc_query_is_type(type, QUERY_TYPE_PREPARE_STMT) || else if (qc_query_is_type(type, QUERY_TYPE_PREPARE_STMT) ||
qc_query_is_type(type, QUERY_TYPE_PREPARE_NAMED_STMT) ||
modutil_is_SQL_prepare(queue)) modutil_is_SQL_prepare(queue))
{ {
GWBUF* err = gen_dummy_error(my_session, "This filter does not support " GWBUF* err = gen_dummy_error(my_session, "This filter does not support "
"prepared statements."); "binary prepared statements.");
gwbuf_free(queue); gwbuf_free(queue);
MXS_FREE(my_session->errmsg); MXS_FREE(my_session->errmsg);
my_session->errmsg = NULL; my_session->errmsg = NULL;
@ -2362,6 +2361,14 @@ routeQuery(MXS_FILTER *instance, MXS_FILTER_SESSION *session, GWBUF *queue)
} }
else else
{ {
GWBUF* analyzed_queue = queue;
if (qc_query_is_type(type, QUERY_TYPE_PREPARE_NAMED_STMT))
{
analyzed_queue = qc_get_preparable_stmt(queue);
ss_dassert(analyzed_queue);
}
DBFW_USER *user = find_user_data(thr_users, dcb->user, dcb->remote); DBFW_USER *user = find_user_data(thr_users, dcb->user, dcb->remote);
bool query_ok = false; bool query_ok = false;
@ -2370,9 +2377,9 @@ routeQuery(MXS_FILTER *instance, MXS_FILTER_SESSION *session, GWBUF *queue)
bool match = false; bool match = false;
char* rname = NULL; char* rname = NULL;
if (check_match_any(my_instance, my_session, queue, user, &rname) || if (check_match_any(my_instance, my_session, analyzed_queue, user, &rname) ||
check_match_all(my_instance, my_session, queue, user, false, &rname) || check_match_all(my_instance, my_session, analyzed_queue, user, false, &rname) ||
check_match_all(my_instance, my_session, queue, user, true, &rname)) check_match_all(my_instance, my_session, analyzed_queue, user, true, &rname))
{ {
match = true; match = true;
} }
@ -2407,7 +2414,7 @@ routeQuery(MXS_FILTER *instance, MXS_FILTER_SESSION *session, GWBUF *queue)
{ {
char *sql; char *sql;
int len; int len;
if (modutil_extract_SQL(queue, &sql, &len)) if (modutil_extract_SQL(analyzed_queue, &sql, &len))
{ {
len = MXS_MIN(len, FW_MAX_SQL_LEN); len = MXS_MIN(len, FW_MAX_SQL_LEN);
if (match && my_instance->log_match & FW_LOG_MATCH) if (match && my_instance->log_match & FW_LOG_MATCH)