summaryrefslogtreecommitdiff
path: root/plugin
diff options
context:
space:
mode:
authorAlexey Botchkov <holyfoot@askmonty.org>2017-11-03 17:05:41 +0400
committerAlexey Botchkov <holyfoot@askmonty.org>2017-11-03 17:10:36 +0400
commit04daf30e9bca85b3241981c53f2293cee1f2de00 (patch)
tree7b825c075e33d4efcc21744db689373eaf895463 /plugin
parentc4c48e974013a1a3d62ae6b2fc9a705c3bdd1689 (diff)
downloadmariadb-git-04daf30e9bca85b3241981c53f2293cee1f2de00.tar.gz
MDEV-13921 Audit log writes invalid SQL if single-line comments are
present. Escape special characters (like \r \n \t) instead of replacing them with spaces.
Diffstat (limited to 'plugin')
-rw-r--r--plugin/server_audit/server_audit.c39
1 files changed, 21 insertions, 18 deletions
diff --git a/plugin/server_audit/server_audit.c b/plugin/server_audit/server_audit.c
index 6a2ed16cb00..152cc75b710 100644
--- a/plugin/server_audit/server_audit.c
+++ b/plugin/server_audit/server_audit.c
@@ -1121,6 +1121,21 @@ do { \
} while(0)
+#define ESC_MAP_SIZE 0x60
+static const char esc_map[ESC_MAP_SIZE]=
+{
+ 0, 0, 0, 0, 0, 0, 0, 0, 'b', 't', 'n', 0, 'f', 'r', 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, '\'', 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, '\\', 0, 0, 0
+};
+
+static char escaped_char(char c)
+{
+ return ((unsigned char ) c) >= ESC_MAP_SIZE ? 0 : esc_map[(unsigned char) c];
+}
static void setup_connection_initdb(struct connection_info *cn,
@@ -1327,21 +1342,16 @@ static size_t escape_string(const char *str, unsigned int len,
const char *res_end= result + result_len - 2;
while (len)
{
+ char esc_c;
+
if (result >= res_end)
break;
- if (*str == '\'')
+ if ((esc_c= escaped_char(*str)))
{
if (result+1 >= res_end)
break;
*(result++)= '\\';
- *(result++)= '\'';
- }
- else if (*str == '\\')
- {
- if (result+1 >= res_end)
- break;
- *(result++)= '\\';
- *(result++)= '\\';
+ *(result++)= esc_c;
}
else if (is_space(*str))
*(result++)= ' ';
@@ -1430,19 +1440,12 @@ static size_t escape_string_hide_passwords(const char *str, unsigned int len,
no_password:
if (result >= res_end)
break;
- if (*str == '\'')
- {
- if (result+1 >= res_end)
- break;
- *(result++)= '\\';
- *(result++)= '\'';
- }
- else if (*str == '\\')
+ if ((b_char= escaped_char(*str)))
{
if (result+1 >= res_end)
break;
*(result++)= '\\';
- *(result++)= '\\';
+ *(result++)= b_char;
}
else if (is_space(*str))
*(result++)= ' ';