Skip to content

Commit

Permalink
option to obfuscate bind parameter
Browse files Browse the repository at this point in the history
  • Loading branch information
lu-zhengda committed Dec 16, 2024
1 parent 96160b1 commit 6b5187d
Show file tree
Hide file tree
Showing 5 changed files with 64 additions and 1 deletion.
13 changes: 13 additions & 0 deletions obfuscator.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ type obfuscatorConfig struct {
ReplaceBoolean bool `json:"replace_boolean"`
ReplaceNull bool `json:"replace_null"`
KeepJsonPath bool `json:"keep_json_path"` // by default, we replace json path with placeholder
ReplaceBindParameter bool `json:"replace_bind_parameter"`
}

type obfuscatorOption func(*obfuscatorConfig)
Expand Down Expand Up @@ -51,6 +52,12 @@ func WithKeepJsonPath(keepJsonPath bool) obfuscatorOption {
}
}

func WithReplaceBindParameter(replaceBindParameter bool) obfuscatorOption {
return func(c *obfuscatorConfig) {
c.ReplaceBindParameter = replaceBindParameter
}
}

type Obfuscator struct {
config *obfuscatorConfig
}
Expand Down Expand Up @@ -128,6 +135,12 @@ func (o *Obfuscator) ObfuscateTokenValue(token Token, lastToken Token, lexerOpts
} else {
return token.Value
}
case BIND_PARAMETER:
if o.config.ReplaceBindParameter {
return StringPlaceholder
} else {
return token.Value
}
case IDENT, QUOTED_IDENT:
if o.config.ReplaceBoolean && isBoolean(token.Value) {
return StringPlaceholder
Expand Down
12 changes: 12 additions & 0 deletions obfuscator_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ func TestObfuscator(t *testing.T) {
replaceNull bool
dollarQuotedFunc bool
keepJsonPath bool
replaceBindParameter bool
dbms DBMSType
}{
{
Expand Down Expand Up @@ -535,6 +536,16 @@ func TestObfuscator(t *testing.T) {
expected: `SELECT * FROM users where data::jsonb ->> 1`,
keepJsonPath: true,
},
{
input: `SELECT * FROM users where id = @_My_id`,
expected: `SELECT * FROM users where id = @_My_id`,
replaceBindParameter: false,
},
{
input: `SELECT * FROM users where id = @_My_id`,
expected: `SELECT * FROM users where id = ?`,
replaceBindParameter: true,
},
}

for _, tt := range tests {
Expand All @@ -546,6 +557,7 @@ func TestObfuscator(t *testing.T) {
WithReplaceNull(tt.replaceNull),
WithDollarQuotedFunc(tt.dollarQuotedFunc),
WithKeepJsonPath(tt.keepJsonPath),
WithReplaceBindParameter(tt.replaceBindParameter),
)
got := obfuscator.Obfuscate(tt.input, WithDBMS(tt.dbms))
assert.Equal(t, tt.expected, got)
Expand Down
21 changes: 21 additions & 0 deletions sqllexer_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -529,6 +529,27 @@ func TestLexer(t *testing.T) {
{BIND_PARAMETER, "@1"},
},
},
{
name: "select with bind parameter using underscore",
input: "SELECT * FROM users where id = @__my_id",
expected: []Token{
{IDENT, "SELECT"},
{WS, " "},
{WILDCARD, "*"},
{WS, " "},
{IDENT, "FROM"},
{WS, " "},
{IDENT, "users"},
{WS, " "},
{IDENT, "where"},
{WS, " "},
{IDENT, "id"},
{WS, " "},
{OPERATOR, "="},
{WS, " "},
{BIND_PARAMETER, "@__my_id"},
},
},
{
name: "select with system variable",
input: "SELECT @@VERSION AS SqlServerVersion",
Expand Down
2 changes: 1 addition & 1 deletion sqllexer_utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@ func isLetter(ch rune) bool {
}

func isAlphaNumeric(ch rune) bool {
return isLetter(ch) || isDigit(ch)
return isLetter(ch) || isDigit(ch) || ch == '_'
}

func isDoubleQuote(ch rune) bool {
Expand Down
17 changes: 17 additions & 0 deletions testdata/mssql/select/select-with-bind-parameter.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{
"input": "SELECT[u].[USER_SETTINGS_ID], [u].[CREATED], [u].[CREATED_BY], [u].[FK_APPLICATION_SCOPE_ID], [u].[MODIFIED], [u].[MODIFIED_BY], [u].[PREFERRED_LANGUAGE], [u].[SETTINGS], [u].[USER_NAME], [u].[USER_SECRET], [u].[USER_SECRET_TMP] FROM [USER_SETTING] WHERE [u].[USER_NAME] = @__userName_0;",
"outputs": [
{
"expected": "SELECT [u].[USER_SETTINGS_ID], [u].[CREATED], [u].[CREATED_BY], [u].[FK_APPLICATION_SCOPE_ID], [u].[MODIFIED], [u].[MODIFIED_BY], [u].[PREFERRED_LANGUAGE], [u].[SETTINGS], [u].[USER_NAME], [u].[USER_SECRET], [u].[USER_SECRET_TMP] FROM [USER_SETTING] WHERE [u].[USER_NAME] = @__userName_0",
"obfuscator_config": {
"replace_positional_parameter": false
},
"normalizer_config": {
"keep_sql_alias": true,
"remove_space_between_parentheses": true,
"keep_identifier_quotation": true
}
}
]
}

0 comments on commit 6b5187d

Please sign in to comment.