com.mysql.jdbc.interceptors.ResultSetScannerInterceptor Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of mysql-connector-java
Show all versions of mysql-connector-java
MySQL JDBC Type 4 driver
/*
Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved.
The MySQL Connector/J is licensed under the terms of the GPLv2
, like most MySQL Connectors.
There are special exceptions to the terms and conditions of the GPLv2 as it is applied to
this software, see the FOSS License Exception
.
This program is free software; you can redistribute it and/or modify it under the terms
of the GNU General Public License as published by the Free Software Foundation; version 2
of the License.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this
program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth
Floor, Boston, MA 02110-1301 USA
*/
package com.mysql.jdbc.interceptors;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.sql.SQLException;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import com.mysql.jdbc.Connection;
import com.mysql.jdbc.ResultSetInternalMethods;
import com.mysql.jdbc.Statement;
import com.mysql.jdbc.StatementInterceptor;
public class ResultSetScannerInterceptor implements StatementInterceptor {
protected Pattern regexP;
public void init(Connection conn, Properties props) throws SQLException {
String regexFromUser = props.getProperty("resultSetScannerRegex");
if (regexFromUser == null || regexFromUser.length() == 0) {
throw new SQLException("resultSetScannerRegex must be configured, and must be > 0 characters");
}
try {
this.regexP = Pattern.compile(regexFromUser);
} catch (Throwable t) {
SQLException sqlEx = new SQLException("Can't use configured regex due to underlying exception.");
sqlEx.initCause(t);
throw sqlEx;
}
}
public ResultSetInternalMethods postProcess(String sql, Statement interceptedStatement, ResultSetInternalMethods originalResultSet, Connection connection)
throws SQLException {
// requirement of anonymous class
final ResultSetInternalMethods finalResultSet = originalResultSet;
return (ResultSetInternalMethods) Proxy.newProxyInstance(originalResultSet.getClass().getClassLoader(), new Class[] { ResultSetInternalMethods.class },
new InvocationHandler() {
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
if ("equals".equals(method.getName())) {
// Let args[0] "unwrap" to its InvocationHandler if it is a proxy.
return args[0].equals(this);
}
Object invocationResult = method.invoke(finalResultSet, args);
String methodName = method.getName();
if (invocationResult != null && invocationResult instanceof String || "getString".equals(methodName) || "getObject".equals(methodName)
|| "getObjectStoredProc".equals(methodName)) {
Matcher matcher = ResultSetScannerInterceptor.this.regexP.matcher(invocationResult.toString());
if (matcher.matches()) {
throw new SQLException("value disallowed by filter");
}
}
return invocationResult;
}
});
}
public ResultSetInternalMethods preProcess(String sql, Statement interceptedStatement, Connection connection) throws SQLException {
// we don't care about this event
return null;
}
// we don't issue queries, so it should be safe to intercept at any point
public boolean executeTopLevelOnly() {
return false;
}
public void destroy() {
}
}