提交 9443120c 编写于 作者: martianzhang's avatar martianzhang

fix #273

	add test cases
	use English in comments so they are more understandable
上级 6ae5c3f5
...@@ -133,16 +133,17 @@ func (q *Query4Audit) RuleEqualLike() Rule { ...@@ -133,16 +133,17 @@ func (q *Query4Audit) RuleEqualLike() Rule {
if strings.ToLower(expr.Operator) == "like" { if strings.ToLower(expr.Operator) == "like" {
switch sqlval := expr.Right.(type) { switch sqlval := expr.Right.(type) {
case *sqlparser.SQLVal: case *sqlparser.SQLVal:
// not start with '%', '_' && not end with '%', '_' // 1. string that not contain '%', '_'
// 2. int, bit, float without wildcard
var hasWildCard bool
if sqlval.Type == 0 { if sqlval.Type == 0 {
if sqlval.Val[0] != 0x25 && for _, sqlElem := range sqlval.Val {
sqlval.Val[0] != 0x5f && if sqlElem == 0x25 || sqlElem == 0x5f {
sqlval.Val[len(sqlval.Val)-1] != 0x5f && hasWildCard = true
sqlval.Val[len(sqlval.Val)-1] != 0x25 { }
rule = HeuristicRules["ARG.002"]
return false, nil
} }
} else { }
if !hasWildCard {
rule = HeuristicRules["ARG.002"] rule = HeuristicRules["ARG.002"]
return false, nil return false, nil
} }
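Review bot: The wildcard scan compares against raw hex bytes and `sqlval.Type == 0`, and it keeps iterating after the first match; `if sqlElem == '%' || sqlElem == '_' { hasWildCard = true; break }` reads more directly, and `sqlval.Type == sqlparser.StrVal` would name the string case if the vendored parser exports that constant. The scan also counts every `%` or `_` byte, so if the parser leaves a backslash escape such as `\_` in `Val`, a pattern holding only escaped wildcards would presumably no longer be reported as ARG.002; a test case would settle which way that goes. The enclosing function starts and ends outside this hunk.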
......
...@@ -132,11 +132,18 @@ func TestRulePrefixLike(t *testing.T) { ...@@ -132,11 +132,18 @@ func TestRulePrefixLike(t *testing.T) {
// ARG.002 // ARG.002
func TestRuleEqualLike(t *testing.T) { func TestRuleEqualLike(t *testing.T) {
common.Log.Debug("Entering function: %s", common.GetFunctionName()) common.Log.Debug("Entering function: %s", common.GetFunctionName())
sqls := []string{ sqls := [][]string{
"select col from tbl where id like 'abc'", {
"select col from tbl where id like 1", "select col from tbl where id like 'abc'",
"select col from tbl where id like 1",
},
{
"select col from tbl where id like 'abc%'",
"select col from tbl where id like '%abc'",
"select col from tbl where id like 'a%c'", // issue #273
},
} }
for _, sql := range sqls { for _, sql := range sqls[0] {
q, err := NewQuery4Audit(sql) q, err := NewQuery4Audit(sql)
if err == nil { if err == nil {
rule := q.RuleEqualLike() rule := q.RuleEqualLike()
...@@ -147,6 +154,19 @@ func TestRuleEqualLike(t *testing.T) { ...@@ -147,6 +154,19 @@ func TestRuleEqualLike(t *testing.T) {
t.Error("sqlparser.Parse Error:", err) t.Error("sqlparser.Parse Error:", err)
} }
} }
for _, sql := range sqls[1] {
q, err := NewQuery4Audit(sql)
if err == nil {
rule := q.RuleEqualLike()
if rule.Item == "ARG.002" {
t.Error("Rule not match:", rule.Item, "Expect : OK")
}
} else {
t.Error("sqlparser.Parse Error:", err)
}
}
common.Log.Debug("Exiting function: %s", common.GetFunctionName()) common.Log.Debug("Exiting function: %s", common.GetFunctionName())
} }
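Review bot: The new negative group in `TestRuleEqualLike` exercises only `%`, so the `0x5f` branch of the rule and the empty pattern are untested; the removed rule code indexed `sqlval.Val[0]` directly, which suggests `like ''` is the input most worth pinning. Adding `"select col from tbl where id like 'a_c'",` to the second group and `"select col from tbl where id like ''",` to the first (it has no wildcard, so ARG.002 is presumably the expected result) would cover both. The two loops differ only in the expected outcome, so a single table with an expected flag per query would remove the duplication. The failure message in the second loop, `"Expect : OK"`, would be easier to act on if it also printed the query that matched.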
......