fix: handle encoding errors in mysql obfuscation #160
Next
Next commit
fix: handle encoding errors in mysql obfuscation
- Loading branch information
commit cbcad7656e7552ad00d479ce76e37d801e170a7f
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -209,6 +209,19 @@ | |
| _(span.attributes['net.peer.name']).must_equal host.to_s | ||
| _(span.attributes['net.peer.port']).must_equal port.to_s | ||
| end | ||
|
|
||
| it 'encodes invalid byte sequences for db.statement' do | ||
| # \255 is off-limits https://en.wikipedia.org/wiki/UTF-8#Codepage_layout | ||
| sql = "SELECT * from users where users.id = 1 and users.email = '[email protected]\255'" | ||
| obfuscated_sql = 'SELECT * from users where users.id = ? and users.email = ?' | ||
|
|
||
| expect do | ||
| client.query(sql) | ||
| end.must_raise Mysql2::Error | ||
|
|
||
| _(span.name).must_equal 'select' | ||
| _(span.attributes['db.statement']).must_equal obfuscated_sql | ||
| end | ||
| end | ||
|
|
||
| describe 'when enable_sql_obfuscation is enabled with db_statement set' do | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it possible to make a more specific error message here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't sure how specific to make it, this is what will get plunked into the the db.statement attribute field. I'm being prudent about capturing any information about what was failed to be obfuscated.
What did you have in mind? Like the error class or something?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I didn't realize that this would get put into the
db.statementfield, which is my bad for not looking closely enough. I think this is fine. 👍There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably not something you need to address here, but it'd be useful to use a common prefix for all the "error" type substitutions (this and the two above) - it'd make it easier for Observability teams to monitor this behaviour. Metrics might be nice as well, but a competent engineer can build metrics from the
db.statementin a span processor or in the collector.