module Mmtrix::Agent::Database::ObfuscationHelpers
Constants
- LITERAL_DOUBLE_QUOTE
- LITERAL_SINGLE_QUOTE
We use these to check whether the query contains any quote characters after obfuscation. If so, that’s a good indication that the original query was malformed, and so our obfuscation can’t reliabily find literals. In such a case, we’ll replace the entire query with a placeholder.
- NUMERICS_REGEX
- PLACEHOLDER
- REVERSE_ANY_QUOTES_REGEX
- REVERSE_SINGLE_QUOTES_REGEX
Note that the following two regexes are applied to a reversed version of the query. This is why the backslash escape sequences (' and ") appear reversed within them.
Note that some database adapters (notably, PostgreSQL with standard_conforming_strings on and MySQL with NO_BACKSLASH_ESCAPES on) do not apply special treatment to backslashes within quoted string literals. We don’t have an easy way of determining whether the database connection from which a query was captured was operating in one of these modes, but the obfuscation is done in such a way that it should not matter.
Reversing the query string before obfuscation allows us to get around the fact that a ' appearing within a string may or may not terminate the string, because we know that a string cannot start with a '.
- SQL_COMMENT_REGEX
We take a conservative, overly-aggressive approach to obfuscating comments, and drop everything from the query after encountering any character sequence that could be a comment initiator. We do this after removal of string literals to avoid accidentally over-obfuscating when a string literal contains a comment initiator.
Public Instance Methods
# File lib/mmtrix/agent/database/obfuscation_helpers.rb, line 72 def contains_quotes?(str) str.include?(LITERAL_SINGLE_QUOTE) || str.include?(LITERAL_DOUBLE_QUOTE) end
# File lib/mmtrix/agent/database/obfuscation_helpers.rb, line 68 def contains_single_quotes?(str) str.include?(LITERAL_SINGLE_QUOTE) end
# File lib/mmtrix/agent/database/obfuscation_helpers.rb, line 60 def obfuscate_numeric_literals(sql) sql.gsub(NUMERICS_REGEX, PLACEHOLDER) end
# File lib/mmtrix/agent/database/obfuscation_helpers.rb, line 53 def obfuscate_quoted_literals(sql) obfuscated = sql.reverse obfuscated.gsub!(REVERSE_ANY_QUOTES_REGEX, PLACEHOLDER) obfuscated.reverse! obfuscated end
# File lib/mmtrix/agent/database/obfuscation_helpers.rb, line 46 def obfuscate_single_quote_literals(sql) obfuscated = sql.reverse obfuscated.gsub!(REVERSE_SINGLE_QUOTES_REGEX, PLACEHOLDER) obfuscated.reverse! obfuscated end
# File lib/mmtrix/agent/database/obfuscation_helpers.rb, line 64 def remove_comments(sql) sql.gsub(SQL_COMMENT_REGEX, PLACEHOLDER) end