Admin: strip leading SQL block comments before connect-setup matchers (#5786)#5826
Admin: strip leading SQL block comments before connect-setup matchers (#5786)#5826takaidohigasi wants to merge 1 commit into
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
🚧 Files skipped from review as they are similar to previous changes (3)
📝 WalkthroughWalkthroughAdds a SQL-comment-stripping utility to ProxySQL's Admin handler, uses the stripped pointer for early command accept-match checks (e.g., SET AUTOCOMMIT, BEGIN/COMMIT), preserves the original query for audit/digest, and adds a TAP regression test plus test-group mapping. ChangesAdmin SQL Comment Stripping
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Code Review
This pull request introduces several configuration and repository metadata files, including a sample .aider.conf.yml configuration, a .clang-tidy file, a Contributor License Agreement (.github/CLA.md), and a bug report issue template. A review comment points out that the load option in .aider.conf.yml references a non-existent ./AGENT.md file, which will cause startup errors, and suggests commenting it out.
| #verbose: false | ||
|
|
||
| ## Load and execute /commands from a file on launch | ||
| load: ./AGENT.md |
There was a problem hiding this comment.
5161814 to
2a5fcb0
Compare
The two connect-setup statement accept blocks in admin_session_handler — SET SQL_SAFE_UPDATES=1 (fix bug sysown#442) and the BEGIN/COMMIT/ROLLBACK/ SET NAMES/SET AUTOCOMMIT/... block (fix bug sysown#1047) — use strncmp/ strncasecmp prefix matching against the start of query_no_space. Clients that prepend SQL tracing comments to every query — SQLCommenter, Datadog Agent's mysql integration CommenterCursor, Sequelize, Hibernate, etc. — defeat the prefix match. The query falls through to the SQLite engine, which rejects it with `near "SET": syntax error` (wrapped as MySQL error code 1045). The most visible manifestation is Datadog Agent autodiscovery on the admin port failing during connection setup, before any custom_queries run. Add a small helper `skip_leading_sql_comments` that returns a pointer past leading whitespace and /* ... */ block comments, then apply it to both accept blocks via a single local pointer. The original query buffer is unchanged, so audit / digest / error-echo paths see the original text. Only block comments are handled here on purpose. MySQL `-- ` / `#` line comments can't be parsed safely in this code path: remove_spaces() runs before this matching and collapses '\\n' and '\\r' to a single space, so the line-comment terminator no longer exists in the buffer. Block-comment recognition is unaffected because `*/` survives intact — and block comments are the form SQL-commenter clients actually emit. Test: test/tap/tests/mysql-reg_test_5786_admin_strip_leading_sql_comments-t.cpp covers SET AUTOCOMMIT/SET NAMES/SET character_set_results/SET SQL_AUTO_IS_NULL/ SET SQL_SAFE_UPDATES/BEGIN/START TRANSACTION/COMMIT/ROLLBACK each with a leading block comment, the exact Datadog Agent CommenterCursor payload, stacked comments, leading+trailing comments, and a keyword-in-comment- text negative case (must not false-positive). Fixes sysown#5786.
2a5fcb0 to
79dcbef
Compare
|
|
(reviewed by codex gpt 5.5 high effort) |



Fixes #5786.
What
The two connect-setup statement accept blocks in
admin_session_handler—SET SQL_SAFE_UPDATES=1(fix bug #442) and theBEGIN/COMMIT/ROLLBACK/SET NAMES/SET AUTOCOMMIT/... block (fix bug #1047) — usestrncmp/strncasecmpprefix matching against the start ofquery_no_space.Clients that prepend SQL tracing comments to every query — SQLCommenter,
Datadog Agent's
mysqlintegrationCommenterCursor, Sequelize, Hibernate,etc. — defeat the prefix match. The query falls through to the SQLite
engine, which rejects it with:
The most visible manifestation is Datadog Agent autodiscovery on the
admin port failing during connection setup, before any
custom_queriesrun.
How
Add a small helper
skip_leading_sql_commentsthat returns a pointer pastleading whitespace and
/* … */block comments. Apply it once to derive alocal pointer used for matching in both accept blocks. The original query
buffer is unchanged, so audit / digest / error-echo paths (i.e. the
query_no_spacepassed tosend_ok_msg_to_client) see the original text.Block-comments-only scope (deliberate)
Only
/* … */block comments are handled. MySQL--/#line commentscan't be parsed safely in this code path:
remove_spaces()runs beforethis matching and collapses
\n/\rto a single space, so theline-comment terminator no longer exists in the buffer. Block-comment
recognition is unaffected because
*/survivesremove_spacesintact —and block comments are the form SQL-commenter clients (the originally
affected use case) actually emit.
Out of scope for this PR
strncasecmp("BEGIN", …, 5)currently acceptsBEGINXYZ). Pre-existing,worth its own PR.
/*! version-conditional */and/*+ optimizer hint */comments. Thecurrent behaviour is preserved: ADMIN-session inputs of
/*!… */continue to be handled by the mysqldump-compat accept block at
Admin_Handler.cpp:~2790(which fires before this code). For STATSsessions,
/*!… */-only inputs continue to fall through to SQLite asbefore — the helper consumes the comment, the prefix match fails on the
empty remainder, and dispatch is unchanged.
Testing
Added a TAP regression test
test/tap/tests/mysql-reg_test_5786_admin_strip_leading_sql_comments-t.cpp(registered in
test/tap/groups/groups.json) that, against a live ProxySQLadmin port:
(
SET AUTOCOMMIT,SET NAMES,SET character_set_results,SET SQL_AUTO_IS_NULL,SET SQL_SAFE_UPDATES,BEGIN,START TRANSACTION,COMMIT,ROLLBACK), exercises the bare form, theleading block-comment form, the exact Datadog Agent
CommenterCursorpayload (
/*service='datadog-agent'*/ SET AUTOCOMMIT=1), stackedcomments, and leading+trailing comments. Each accept case asserts
rc == 0AND that no result set was returned(
mysql_field_count() == 0) — the OK-packet pathsend_ok_msg_to_clientproduces.
/* SET AUTOCOMMIT=1 inside comment */ SELECT 1assertsthat the SQLite engine actually executes
SELECT 1(result set present,first row value is
"1"). A false-positive accept would produce an OKpacket with no result set, so the row assertion would fail.
Local lints pass:
Backwards compatibility
No client-visible behaviour changes for callers that don't prefix queries
with block comments. Callers that DO prefix block comments now get the
intended no-op accept instead of
ER_PARSE_ERROR (1045), on both adminand stats sessions (the existing accept blocks already cover both).
Summary by CodeRabbit
Bug Fixes
New Features
Tests