MDEV-15480 Audit plugin does not respect QUERY_DML for audit plugin.

QUERY_DML_NO_SELECT flag added.
2025-01-29 02:05:57 +01:00 · 2018-05-10 19:00:54 +04:00 · 2018-05-10 19:00:54 +04:00 · 3cbfe8cc47
commit 3cbfe8cc47
parent 4f42f0d1ea
3 changed files with 44 additions and 4 deletions
--- a/mysql-test/suite/plugins/r/server_audit.result
+++ b/mysql-test/suite/plugins/r/server_audit.result
@ -182,6 +182,17 @@ select 2;
 2
 2
 drop table t1;
+set global server_audit_events='query_dml_no_select';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+id
+1
+2
+select 2;
+2
+2
+drop table t1;
 set global server_audit_events='';
 set global server_audit_query_log_limit= 15;
 select (1), (2), (3), (4);
@ -343,6 +354,7 @@ TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'SET PASSWORD \n# comment\nFOR u1
 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'SET PASSWORD FOR u1=<secret>',ID
 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER u3 IDENTIFIED BY *****',0
 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop user u1, u2, u3',0
+TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'insert into t1 values (1), (2)',0
 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'set global server_audit_events=\'\'',0
 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'set global serv',0
 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'select (1), (2)',0
--- a/mysql-test/suite/plugins/t/server_audit.test
+++ b/mysql-test/suite/plugins/t/server_audit.test
@ -121,6 +121,13 @@ select 2;
 /*! select 2*/;
 /*comment*/ select 2;
 drop table t1;
+set global server_audit_events='query_dml_no_select';
+create table t1(id int);
+insert into t1 values (1), (2);
+select * from t1;
+select 2;
+drop table t1;
+
 set global server_audit_events='';

 set global server_audit_query_log_limit= 15;
--- a/plugin/server_audit/server_audit.c
+++ b/plugin/server_audit/server_audit.c
@ -15,7 +15,7 @@


 #define PLUGIN_VERSION 0x104
-#define PLUGIN_STR_VERSION "1.4.3"
+#define PLUGIN_STR_VERSION "1.4.4"

 #define _my_thread_var loc_thread_var

@ -364,16 +364,17 @@ static MYSQL_SYSVAR_STR(excl_users, excl_users, PLUGIN_VAR_RQCMDARG,
 /* bits in the event filter. */
 #define EVENT_CONNECT 1
 #define EVENT_QUERY_ALL 2
-#define EVENT_QUERY 58
+#define EVENT_QUERY 122
 #define EVENT_TABLE 4
 #define EVENT_QUERY_DDL 8
 #define EVENT_QUERY_DML 16
 #define EVENT_QUERY_DCL 32
+#define EVENT_QUERY_DML_NO_SELECT 64

 static const char *event_names[]=
 {
  "CONNECT", "QUERY", "TABLE", "QUERY_DDL", "QUERY_DML", "QUERY_DCL",
-  NULL
+  "QUERY_DML_NO_SELECT", NULL
 };
 static TYPELIB events_typelib=
 {
@ -381,7 +382,7 @@ static TYPELIB events_typelib=
 };
 static MYSQL_SYSVAR_SET(events, events, PLUGIN_VAR_RQCMDARG,
       "Specifies the set of events to monitor. Can be CONNECT, QUERY, TABLE,"
-           " QUERY_DDL, QUERY_DML, QUERY_DCL.",
+           " QUERY_DDL, QUERY_DML, QUERY_DML_NO_SELECT, QUERY_DCL.",
       NULL, NULL, 0, &events_typelib);
 #define OUTPUT_SYSLOG 0
 #define OUTPUT_FILE 1
@ -855,6 +856,21 @@ struct sa_keyword dml_keywords[]=
 };


+struct sa_keyword dml_no_select_keywords[]=
+{
+  {2, "DO", 0, SQLCOM_DML},
+  {4, "CALL", 0, SQLCOM_DML},
+  {4, "LOAD", &data_word, SQLCOM_DML},
+  {4, "LOAD", &xml_word, SQLCOM_DML},
+  {6, "DELETE", 0, SQLCOM_DML},
+  {6, "INSERT", 0, SQLCOM_DML},
+  {6, "UPDATE", 0, SQLCOM_DML},
+  {7, "HANDLER", 0, SQLCOM_DML},
+  {7, "REPLACE", 0, SQLCOM_DML},
+  {0, NULL, 0, SQLCOM_DML}
+};
+
+
 struct sa_keyword dcl_keywords[]=
 {
  {6, "CREATE", &user_word, SQLCOM_DCL},
@ -1636,6 +1652,11 @@ static int log_statement_ex(const struct connection_info *cn,
      if (filter_query_type(query, dml_keywords))
        goto do_log_query;
    }
+    if (events & EVENT_QUERY_DML_NO_SELECT)
+    {
+      if (filter_query_type(query, dml_no_select_keywords))
+        goto do_log_query;
+    }
    if (events & EVENT_QUERY_DCL)
    {
      if (filter_query_type(query, dcl_keywords))