chore: dbconn - add requestId info as a comment in the database logs (#3110)
parent
ed0ee5be20
commit
30c072a420
3
.github/workflows/ci.yml
vendored
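--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -111,6 +111,9 @@ jobs:
 run: |
 postgres_enabled=0
 if [ ${{ runner.os }} == "Linux" ]; then
+sudo apt-get update
+sudo apt-get install -y libpcre3 libpcre3-dev
+
 sudo docker run --rm -d -e POSTGRES_PASSWORD=test123 -p 5432:5432 postgres:15.4-alpine3.18
 postgres_enabled=1
 fi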
@ -1,5 +1,5 @@
|
|||||||
import
|
import
|
||||||
std/[times, strutils, asyncnet, os, sequtils, sets],
|
std/[times, strutils, asyncnet, os, sequtils, sets, strformat],
|
||||||
results,
|
results,
|
||||||
chronos,
|
chronos,
|
||||||
chronos/threadsync,
|
chronos/threadsync,
|
||||||
@ -207,6 +207,32 @@ proc waitQueryToFinish(
|
|||||||
|
|
||||||
pqclear(pqResult)
|
pqclear(pqResult)
|
||||||
|
|
||||||
|
proc containsRiskyPatterns(input: string): bool =
|
||||||
|
let riskyPatterns =
|
||||||
|
@[
|
||||||
|
" OR ", " AND ", " UNION ", " SELECT ", "INSERT ", "DELETE ", "UPDATE ", "DROP ",
|
||||||
|
"EXEC ", "--", "/*", "*/",
|
||||||
|
]
|
||||||
|
|
||||||
|
for pattern in riskyPatterns:
|
||||||
|
if pattern.toLowerAscii() in input.toLowerAscii():
|
||||||
|
return true
|
||||||
|
|
||||||
|
return false
|
||||||
|
|
||||||
|
proc isSecureString(input: string): bool =
|
||||||
|
## Returns `false` if the string contains risky characters or patterns, `true` otherwise.
|
||||||
|
let riskyChars = {'\'', '\"', ';', '-', '#', '\\', '%', '_', '/', '*', '\0'}
|
||||||
|
|
||||||
|
for ch in input:
|
||||||
|
if ch in riskyChars:
|
||||||
|
return false
|
||||||
|
|
||||||
|
if containsRiskyPatterns(input):
|
||||||
|
return false
|
||||||
|
|
||||||
|
return true
|
||||||
|
|
||||||
proc dbConnQuery*(
|
proc dbConnQuery*(
|
||||||
dbConnWrapper: DbConnWrapper,
|
dbConnWrapper: DbConnWrapper,
|
||||||
query: SqlQuery,
|
query: SqlQuery,
|
||||||
@ -214,6 +240,9 @@ proc dbConnQuery*(
|
|||||||
rowCallback: DataProc,
|
rowCallback: DataProc,
|
||||||
requestId: string,
|
requestId: string,
|
||||||
): Future[Result[void, string]] {.async, gcsafe.} =
|
): Future[Result[void, string]] {.async, gcsafe.} =
|
||||||
|
if not requestId.isSecureString():
|
||||||
|
return err("the passed request id is not secure: " & requestId)
|
||||||
|
|
||||||
dbConnWrapper.futBecomeFree = newFuture[void]("dbConnQuery")
|
dbConnWrapper.futBecomeFree = newFuture[void]("dbConnQuery")
|
||||||
|
|
||||||
let cleanedQuery = ($query).replace(" ", "").replace("\n", "")
|
let cleanedQuery = ($query).replace(" ", "").replace("\n", "")
|
||||||
@ -224,7 +253,8 @@ proc dbConnQuery*(
|
|||||||
|
|
||||||
var queryStartTime = getTime().toUnixFloat()
|
var queryStartTime = getTime().toUnixFloat()
|
||||||
|
|
||||||
(await dbConnWrapper.sendQuery(query, args)).isOkOr:
|
let reqIdAndQuery = "/* requestId=" & requestId & " */ " & $query
|
||||||
|
(await dbConnWrapper.sendQuery(SqlQuery(reqIdAndQuery), args)).isOkOr:
|
||||||
error "error in dbConnQuery", error = $error
|
error "error in dbConnQuery", error = $error
|
||||||
dbConnWrapper.futBecomeFree.fail(newException(ValueError, $error))
|
dbConnWrapper.futBecomeFree.fail(newException(ValueError, $error))
|
||||||
return err("error in dbConnQuery calling sendQuery: " & $error)
|
return err("error in dbConnQuery calling sendQuery: " & $error)
|
||||||
|
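Review bot: `isSecureString` and `containsRiskyPatterns` form a denylist in front of the `/* requestId=… */` comment built in `dbConnQuery`, and `riskyChars` omits `\n` and `\r` and sets no length limit, so a requestId with line breaks still reaches the database logs and may break line-oriented parsing there. An allowlist states the intent directly and makes the keyword list unnecessary, for example `return input.len <= 64 and input.allCharsInSet({'a'..'z', 'A'..'Z', '0'..'9'})`, where the bound of 64 is only illustrative and the set can be widened if real ids need other characters. As written the filter also rejects any id containing `-` or `_`, so UUID-style ids would make every `dbConnQuery` call return an error; whether callers pass such ids is not visible on this page. The guard then concatenates the rejected value unescaped into `"the passed request id is not secure: " & requestId`, which carries the same untrusted bytes to wherever that error is logged, so reporting only its length would be safer. The body of `dbConnQuery` continues outside the hunks shown.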