datadog-agent icon indicating copy to clipboard operation
datadog-agent copied to clipboard
verified publisher icon DataDog

pkg/obfuscate: Fix unescaped sequence from SQL obfuscator

Open alexbarksdale opened this issue 3 years ago • 1 comments

What does this PR do?

Fixes an obfuscation bug where nested quotes are not escaped (i.e. " "" ") resulting in upstream failures.

Motivation

This previously was not an issue because we used to obfuscate quotes. However, we made a change (PR) to improve string parsing for a better overall UX. This introduced an edge case where we don't escape sequences. For example, a SQL plan in the form of JSON will result in the following after obfuscation:

  • "Filter":"( ( relname ~ ? :: text ) AND ( relkind = ANY ( ? :: "char" [] ) ) )"}]}]} This creates an invalid JSON at "char". This must be escaped:
  • "Filter":"( ( relname ~ ? :: text ) AND ( relkind = ANY ( ? :: \"char\" [] ) ) )"}]}]}

Additional Notes

Possible Drawbacks / Trade-offs

Describe how to test/QA your changes

Reviewer's Checklist

  • [ ] If known, an appropriate milestone has been selected; otherwise the Triage milestone is set.
  • [ ] Use the major_change label if your change either has a major impact on the code base, is impacting multiple teams or is changing important well-established internals of the Agent. This label will be use during QA to make sure each team pay extra attention to the changed behavior. For any customer facing change use a releasenote.
  • [ ] A release note has been added or the changelog/no-changelog label has been applied.
  • [ ] Changed code has automated tests for its functionality.
  • [ ] Adequate QA/testing plan information is provided if the qa/skip-qa label is not applied.
  • [ ] At least one team/.. label has been applied, indicating the team(s) that should QA this change.
  • [ ] If applicable, docs team has been notified or an issue has been opened on the documentation repo.
  • [ ] If applicable, the need-change/operator and need-change/helm labels have been applied.
  • [ ] If applicable, the k8s/<min-version> label, indicating the lowest Kubernetes version compatible with this feature.
  • [ ] If applicable, the config template has been updated.

alexbarksdale avatar Jan 05 '23 22:01 alexbarksdale

Benchmarks

Found 2 performance improvements and 0 performance regressions! Performance is the same for 1 cases.

pr-commenter[bot] avatar Jan 05 '23 23:01 pr-commenter[bot]