From 56bf77595c5ac91f0cd7ab522a8e9d3aaaeaedc4 Mon Sep 17 00:00:00 2001 From: bb7133 Date: Wed, 20 Dec 2023 18:04:53 -0800 Subject: [PATCH] br: update IgnoreErrorCheckpoint() for G201/G202 security rules (#49637) ref pingcap/tidb#30699 --- br/pkg/lightning/checkpoints/checkpoints.go | 15 +++------------ .../checkpoints/checkpoints_sql_test.go | 16 ++++++++-------- 2 files changed, 11 insertions(+), 20 deletions(-) diff --git a/br/pkg/lightning/checkpoints/checkpoints.go b/br/pkg/lightning/checkpoints/checkpoints.go index fd5f318f041c0..11ce402926671 100644 --- a/br/pkg/lightning/checkpoints/checkpoints.go +++ b/br/pkg/lightning/checkpoints/checkpoints.go @@ -1610,25 +1610,16 @@ func (cpdb *MySQLCheckpointsDB) IgnoreErrorCheckpoint(ctx context.Context, table colName = columnTableName } - // nolint:gosec - engineQuery := fmt.Sprintf(` - UPDATE %s.%s SET status = %d WHERE %s = ? AND status <= %d; - `, cpdb.schema, CheckpointTableNameEngine, CheckpointStatusLoaded, colName, CheckpointStatusMaxInvalid) - - // nolint:gosec - tableQuery := fmt.Sprintf(` - UPDATE %s.%s SET status = %d WHERE %s = ? AND status <= %d; - `, cpdb.schema, CheckpointTableNameTable, CheckpointStatusLoaded, colName, CheckpointStatusMaxInvalid) - + query := "UPDATE ?.? SET status = ? WHERE ? = ? AND status <= ?" s := common.SQLWithRetry{ DB: cpdb.db, Logger: log.FromContext(ctx).With(zap.String("table", tableName)), } err := s.Transact(ctx, "ignore error checkpoints", func(c context.Context, tx *sql.Tx) error { - if _, e := tx.ExecContext(c, engineQuery, tableName); e != nil { + if _, e := tx.ExecContext(c, query, cpdb.schema, CheckpointTableNameEngine, CheckpointStatusLoaded, colName, tableName, CheckpointStatusMaxInvalid); e != nil { return errors.Trace(e) } - if _, e := tx.ExecContext(c, tableQuery, tableName); e != nil { + if _, e := tx.ExecContext(c, query, cpdb.schema, CheckpointTableNameTable, CheckpointStatusLoaded, colName, tableName, CheckpointStatusMaxInvalid); e != nil { return errors.Trace(e) } return nil diff --git a/br/pkg/lightning/checkpoints/checkpoints_sql_test.go b/br/pkg/lightning/checkpoints/checkpoints_sql_test.go index 7f62fe0e7ca88..a9da56f963d87 100644 --- a/br/pkg/lightning/checkpoints/checkpoints_sql_test.go +++ b/br/pkg/lightning/checkpoints/checkpoints_sql_test.go @@ -395,12 +395,12 @@ func TestIgnoreAllErrorCheckpoints_SQL(t *testing.T) { s.mock.ExpectBegin() s.mock. - ExpectExec("UPDATE `mock-schema`\\.engine_v\\d+ SET status = 30 WHERE 'all' = \\? AND status <= 25"). - WithArgs(sqlmock.AnyArg()). + ExpectExec("UPDATE \\?\\.\\? SET status = \\? WHERE \\? = \\? AND status <= \\?"). + WithArgs("`mock-schema`", checkpoints.CheckpointTableNameEngine, checkpoints.CheckpointStatusLoaded, "'all'", sqlmock.AnyArg(), 25). WillReturnResult(sqlmock.NewResult(5, 3)) s.mock. - ExpectExec("UPDATE `mock-schema`\\.table_v\\d+ SET status = 30 WHERE 'all' = \\? AND status <= 25"). - WithArgs(sqlmock.AnyArg()). + ExpectExec("UPDATE \\?\\.\\? SET status = \\? WHERE \\? = \\? AND status <= \\?"). + WithArgs("`mock-schema`", checkpoints.CheckpointTableNameTable, checkpoints.CheckpointStatusLoaded, "'all'", sqlmock.AnyArg(), 25). WillReturnResult(sqlmock.NewResult(6, 2)) s.mock.ExpectCommit() @@ -413,12 +413,12 @@ func TestIgnoreOneErrorCheckpoint(t *testing.T) { s.mock.ExpectBegin() s.mock. - ExpectExec("UPDATE `mock-schema`\\.engine_v\\d+ SET status = 30 WHERE table_name = \\? AND status <= 25"). - WithArgs("`db1`.`t2`"). + ExpectExec("UPDATE \\?\\.\\? SET status = \\? WHERE \\? = \\? AND status <= \\?"). + WithArgs("`mock-schema`", checkpoints.CheckpointTableNameEngine, checkpoints.CheckpointStatusLoaded, "table_name", "`db1`.`t2`", 25). WillReturnResult(sqlmock.NewResult(5, 2)) s.mock. - ExpectExec("UPDATE `mock-schema`\\.table_v\\d+ SET status = 30 WHERE table_name = \\? AND status <= 25"). - WithArgs("`db1`.`t2`"). + ExpectExec("UPDATE \\?\\.\\? SET status = \\? WHERE \\? = \\? AND status <= \\?"). + WithArgs("`mock-schema`", checkpoints.CheckpointTableNameTable, checkpoints.CheckpointStatusLoaded, "table_name", "`db1`.`t2`", 25). WillReturnResult(sqlmock.NewResult(6, 1)) s.mock.ExpectCommit()