[GitHub] [incubator-shardingsphere] baoencheng opened a new issue #3729: insert数据-加密字段错位

[GitBox <gi...@apache.org>]

baoencheng opened a new issue #3729: insert数据-加密字段错位
URL: https://github.com/apache/incubator-shardingsphere/issues/3729
 
 
   加密字段:encbank
   当sql写法不够规范时:
   INSERT INTO tablexxx (id,encbank,dr) VALUES (1227567148367683672,#{encbank},#{dr})
   出现加密错位。
   
   查看源码后分析: 
   ss加密模块解析sql的时候:
   1) 插入列3项，数组下标[0][1][2] encbank 在第2位即[1]
   2) 值3项(明文1项，参数传递2项)，直接取用参数传递数组的第2位来加密，导致字段错位加密到dr字段。
   3) 解决方案:解析sql的时候，需要考虑所有值的项 而不是 只考虑参数传递中的内容。有些工程项目sql拼接不规范的时候就产生bug了。
   4) INSERT INTO tablexxx (id,encbank,dr) VALUES (#{id},#{encbank},#{dr}) 标准sql 没有问题。需兼容所有sql
   
   Encrypted field: encbank
   When the SQL writing method is not standard enough:
   INSERT INTO tablexxx (id,encbank,dr) VALUES (1227567148367683672,#{encbank},#{dr})
   Encryption mismatch occurred.
   
   View post source analysis:
   When the SS encryption module parses SQL:
   1) insert 3 items of column, array subscript [0] [1] [2] encbank in the second place, that is [1]
   2) 3 values (1 clear text and 2 parameters) are directly encrypted by using the second bit of the parameter transfer array, resulting in the misplaced field encryption to the Dr field.
   3) solution: when parsing SQL, you need to consider the items of all values rather than the contents of parameter passing. Some engineering projects have bugs when SQL splicing is not standardized.
   4) insert into tablexxx (ID, encbank, Dr) values ({ID}, {encbank}, {Dr}) standard SQL has no problem. Need to be compatible with all SQL

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services