Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changes after Fuzz Testing useFmtOnly #1094

Merged
merged 9 commits into from
Jun 28, 2019
Merged

Changes after Fuzz Testing useFmtOnly #1094

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
0e5c417
FIx | Changes after Fuzz Testing
rene-ye Jun 24, 2019
8725aa5
Merge branch 'dev' of https://github.com/Microsoft/mssql-jdbc into ps…
rene-ye Jun 24, 2019
0db52c0
Fix | Junit test fixes
rene-ye Jun 24, 2019
18c0514
Fix | Reorder comparisons
rene-ye Jun 25, 2019
4267851
Fix | Change "" to null when adding SQLState
rene-ye Jun 25, 2019
8944584
Fix | More fixes
rene-ye Jun 25, 2019
143c0c6
Fix | Addressing comments
rene-ye Jun 28, 2019
ed13466
Fix | Format
rene-ye Jun 28, 2019
58111c0
Fix | COmments
rene-ye Jun 28, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/main/java/com/microsoft/sqlserver/jdbc/ParameterUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ static int scanSQLForChar(char ch, String sql, int offset) {

// Fall through - will fail next if and end up in default case
case '-':
if (sql.charAt(offset) == '-') { // If '-- ... \n' comment
if (offset >= 0 && offset < sql.length() && sql.charAt(offset) == '-') { // If '-- ... \n' comment
while (++offset < len) { // Go thru comment.
if (sql.charAt(offset) == '\n' || sql.charAt(offset) == '\r') {
// If end of comment
Expand Down
22 changes: 21 additions & 1 deletion src/main/java/com/microsoft/sqlserver/jdbc/SQLServerFMTQuery.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,10 @@
import java.util.List;
import java.util.stream.Collectors;

import org.antlr.v4.runtime.BaseErrorListener;
import org.antlr.v4.runtime.CharStreams;
import org.antlr.v4.runtime.RecognitionException;
import org.antlr.v4.runtime.Recognizer;
import org.antlr.v4.runtime.Token;


Expand Down Expand Up @@ -100,7 +103,8 @@ String getFMTQuery() {
} catch (IOException e) {
SQLServerException.makeFromDriverError(null, userSql, e.getLocalizedMessage(), "", false);
}

lexer.removeErrorListeners();
lexer.addErrorListener(new SQLServerErrorListener());
this.tokenList = (ArrayList<? extends Token>) lexer.getAllTokens();
if (tokenList.size() <= 0) {
SQLServerException.makeFromDriverError(null, this,
Expand All @@ -111,3 +115,19 @@ String getFMTQuery() {
SQLServerParser.parseQuery(iter, this);
}
}


class SQLServerErrorListener extends BaseErrorListener {
static final private java.util.logging.Logger logger = java.util.logging.Logger
.getLogger("com.microsoft.sqlserver.jdbc.internals.SQLServerFMTQuery");

@Override
public void syntaxError(Recognizer<?, ?> recognizer, Object offendingSymbol, int line, int charPositionInLine,
String msg, RecognitionException e) {
if (logger.isLoggable(java.util.logging.Level.FINE)) {
logger.fine("Error occured during token parsing: " + msg);
rene-ye marked this conversation as resolved.
Show resolved Hide resolved
logger.fine("line " + line + ":" + charPositionInLine + " token recognition error at: "
+ offendingSymbol.toString());
}
}
}
242 changes: 135 additions & 107 deletions src/main/java/com/microsoft/sqlserver/jdbc/SQLServerParser.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,31 +66,43 @@ static void parseQuery(SQLServerTokenIterator iter, SQLServerFMTQuery query) thr
}
query.getTableTarget().add(getTableTargetChunk(iter, query.getAliases(), INSERT_DELIMITING_WORDS));

List<String> tableValues = getValuesList(iter);
// VALUES case
boolean valuesFound = false;
int valuesMarker = iter.nextIndex();
while (!valuesFound && iter.hasNext()) {
t = iter.next();
if (t.getType() == SQLServerLexer.VALUES) {
valuesFound = true;
do {
query.getValuesList().add(getValuesList(iter));
} while (iter.hasNext() && iter.next().getType() == SQLServerLexer.COMMA);
iter.previous();
}
}
if (!valuesFound) {
resetIteratorIndex(iter, valuesMarker);
}
if (!query.getValuesList().isEmpty()) {
for (List<String> ls : query.getValuesList()) {
if (tableValues.isEmpty()) {
query.getColumns().add("*");
if (iter.hasNext()) {
List<String> tableValues = getValuesList(iter);
// VALUES case
boolean valuesFound = false;
int valuesMarker = iter.nextIndex();
while (!valuesFound && iter.hasNext()) {
t = iter.next();
if (t.getType() == SQLServerLexer.VALUES) {
valuesFound = true;
do {
query.getValuesList().add(getValuesList(iter));
} while (iter.hasNext() && iter.next().getType() == SQLServerLexer.COMMA);
iter.previous();
}
for (int i = 0; i < ls.size(); i++) {
if (ls.get(i).equalsIgnoreCase("?")) {
query.getColumns().add((tableValues.size() == 0) ? "?" : tableValues.get(i));
}
if (!valuesFound) {
resetIteratorIndex(iter, valuesMarker);
}
if (!query.getValuesList().isEmpty()) {
for (List<String> ls : query.getValuesList()) {
if (tableValues.isEmpty()) {
query.getColumns().add("*");
}
for (int i = 0; i < ls.size(); i++) {
if (ls.get(i).equalsIgnoreCase("?")) {
if (tableValues.size() == 0) {
query.getColumns().add("?");
} else {
if (i < tableValues.size()) {
query.getColumns().add(tableValues.get(i));
} else {
SQLServerException.makeFromDriverError(null, null,
SQLServerResource.getResource("R_invalidInsertValuesQuery"), "",
false);
}
}
}
}
}
}
Expand Down Expand Up @@ -201,7 +213,7 @@ private static String findColumnAfterParameter(SQLServerTokenIterator iter) {
StringBuilder sb = new StringBuilder();
while (sb.length() == 0 && iter.hasNext()) {
rene-ye marked this conversation as resolved.
Show resolved Hide resolved
Token t = iter.next();
if (t.getType() == SQLServerLexer.NOT) {
if (t.getType() == SQLServerLexer.NOT && iter.hasNext()) {
t = iter.next(); // skip NOT
}
if (OPERATORS.contains(t.getType()) && iter.hasNext()) {
Expand All @@ -216,8 +228,10 @@ private static String findColumnAfterParameter(SQLServerTokenIterator iter) {
t = iter.next();
if (t.getType() == SQLServerLexer.DOT) {
sb.append(".");
t = iter.next();
sb.append(t.getText());
if (iter.hasNext()) {
t = iter.next();
sb.append(t.getText());
}
}
}
}
Expand All @@ -232,20 +246,18 @@ private static String findColumnBeforeParameter(SQLServerTokenIterator iter) {
StringBuilder sb = new StringBuilder();
while (sb.length() == 0 && iter.hasPrevious()) {
Token t = iter.previous();
if (t.getType() == SQLServerLexer.DOLLAR) {
if (t.getType() == SQLServerLexer.DOLLAR && iter.hasPrevious()) {
t = iter.previous(); // skip if it's a $ sign
}
if (t.getType() == SQLServerLexer.AND) {
if (t.getType() == SQLServerLexer.AND && iter.hasPrevious()) {
t = iter.previous();
if (iter.hasPrevious()) {
t = iter.previous();
if (iter.hasPrevious()) {
t = iter.previous(); // try to find BETWEEN
if (t.getType() == SQLServerLexer.BETWEEN) {
iter.next();
continue;
} else {
return "";
}
t = iter.previous(); // try to find BETWEEN
if (t.getType() == SQLServerLexer.BETWEEN && iter.hasNext()) {
iter.next();
continue;
} else {
return "";
}
}
}
Expand All @@ -262,12 +274,14 @@ private static String findColumnBeforeParameter(SQLServerTokenIterator iter) {
d.push(t.getText());
}
// Linked-servers can have a maximum of 4 parts
for (int i = 0; i < 3; i++) {
for (int i = 0; i < 3 && iter.hasPrevious(); i++) {
t = iter.previous();
if (t.getType() == SQLServerLexer.DOT) {
d.push(".");
t = iter.previous();
d.push(t.getText());
if (iter.hasPrevious()) {
t = iter.previous();
d.push(t.getText());
}
}
}
d.stream().forEach(sb::append);
Expand Down Expand Up @@ -362,88 +376,102 @@ static Token skipTop(SQLServerTokenIterator iter) throws SQLServerException {
}

static String getCTE(SQLServerTokenIterator iter) throws SQLServerException {
Token t = iter.next();
if (t.getType() == SQLServerLexer.WITH) {
StringBuilder sb = new StringBuilder("WITH ");
getCTESegment(iter, sb);
return sb.toString();
} else {
iter.previous();
return "";
if (iter.hasNext()) {
Token t = iter.next();
if (t.getType() == SQLServerLexer.WITH) {
StringBuilder sb = new StringBuilder("WITH ");
getCTESegment(iter, sb);
return sb.toString();
} else {
iter.previous();
}
}
return "";
}

static void getCTESegment(SQLServerTokenIterator iter, StringBuilder sb) throws SQLServerException {
sb.append(getTableTargetChunk(iter, null, Arrays.asList(SQLServerLexer.AS)));
iter.next();
Token t = iter.next();
sb.append(" AS ");
if (t.getType() != SQLServerLexer.LR_BRACKET) {
SQLServerException.makeFromDriverError(null, null, SQLServerResource.getResource("R_invalidCTEFormat"), "",
false);
}
int leftRoundBracketCount = 0;
do {
sb.append(t.getText()).append(' ');
if (t.getType() == SQLServerLexer.LR_BRACKET) {
leftRoundBracketCount++;
} else if (t.getType() == SQLServerLexer.RR_BRACKET) {
leftRoundBracketCount--;
try {
sb.append(getTableTargetChunk(iter, null, Arrays.asList(SQLServerLexer.AS)));
iter.next();
Token t = iter.next();
sb.append(" AS ");
if (t.getType() != SQLServerLexer.LR_BRACKET) {
SQLServerException.makeFromDriverError(null, null, SQLServerResource.getResource("R_invalidCTEFormat"),
"", false);
}
t = iter.next();
} while (leftRoundBracketCount > 0);
int leftRoundBracketCount = 0;
do {
sb.append(t.getText()).append(' ');
if (t.getType() == SQLServerLexer.LR_BRACKET) {
leftRoundBracketCount++;
} else if (t.getType() == SQLServerLexer.RR_BRACKET) {
leftRoundBracketCount--;
}
t = iter.next();
} while (leftRoundBracketCount > 0);

if (t.getType() == SQLServerLexer.COMMA) {
sb.append(", ");
getCTESegment(iter, sb);
} else {
iter.previous();
if (t.getType() == SQLServerLexer.COMMA) {
sb.append(", ");
getCTESegment(iter, sb);
} else {
iter.previous();
}
} catch (java.util.NoSuchElementException e) {
SQLServerException.makeFromDriverError(null, null, SQLServerResource.getResource("R_invalidCTEFormat"), "",
false);
}
}

private static String getTableTargetChunk(SQLServerTokenIterator iter, List<String> possibleAliases,
List<Integer> delimiters) throws SQLServerException {
StringBuilder sb = new StringBuilder();
Token t = iter.next();
do {
switch (t.getType()) {
case SQLServerLexer.LR_BRACKET:
sb.append(getRoundBracketChunk(iter, t));
break;
case SQLServerLexer.OPENDATASOURCE:
case SQLServerLexer.OPENJSON:
case SQLServerLexer.OPENQUERY:
case SQLServerLexer.OPENROWSET:
case SQLServerLexer.OPENXML:
sb.append(t.getText());
if (iter.hasNext()) {
Token t = iter.next();
do {
switch (t.getType()) {
case SQLServerLexer.LR_BRACKET:
sb.append(getRoundBracketChunk(iter, t));
break;
case SQLServerLexer.OPENDATASOURCE:
case SQLServerLexer.OPENJSON:
case SQLServerLexer.OPENQUERY:
case SQLServerLexer.OPENROWSET:
case SQLServerLexer.OPENXML:
sb.append(t.getText());
t = iter.next();
if (t.getType() != SQLServerLexer.LR_BRACKET) {
SQLServerException.makeFromDriverError(null, null,
SQLServerResource.getResource("R_invalidOpenqueryCall"), "", false);
}
sb.append(getRoundBracketChunk(iter, t));
break;
case SQLServerLexer.AS:
sb.append(t.getText());
if (iter.hasNext()) {
String s = iter.next().getText();
if (possibleAliases != null) {
possibleAliases.add(s);
} else {
SQLServerException.makeFromDriverError(null, null,
SQLServerResource.getResource("R_invalidCTEFormat"), "", false);
}
sb.append(" ").append(s);
}
break;
default:
sb.append(t.getText());
break;
}
if (iter.hasNext()) {
sb.append(' ');
t = iter.next();
if (t.getType() != SQLServerLexer.LR_BRACKET) {
SQLServerException.makeFromDriverError(null, null,
SQLServerResource.getResource("R_invalidOpenqueryCall"), "", false);
}
sb.append(getRoundBracketChunk(iter, t));
break;
case SQLServerLexer.AS:
sb.append(t.getText());
if (iter.hasNext()) {
String s = iter.next().getText();
possibleAliases.add(s);
sb.append(" ").append(s);
}
break;
default:
sb.append(t.getText());
} else {
break;
}
}
} while (!delimiters.contains(t.getType()) && t.getType() != SQLServerLexer.SEMI);
if (iter.hasNext()) {
sb.append(' ');
t = iter.next();
} else {
break;
iter.previous();
}
} while (!delimiters.contains(t.getType()) && t.getType() != SQLServerLexer.SEMI);
if (iter.hasNext()) {
iter.previous();
}
return sb.toString().trim();
}
Expand Down
3 changes: 2 additions & 1 deletion src/main/java/com/microsoft/sqlserver/jdbc/SQLServerResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -590,5 +590,6 @@ protected Object[][] getContents() {
"Invalid syntax: OPENQUERY/OPENJSON/OPENDATASOURCE/OPENROWSET/OPENXML must be preceded by round brackets"},
{"R_invalidCTEFormat",
"Invalid syntax: AS must be followed by round brackets in Common Table Expressions."},
{"R_noTokensFoundInUserQuery", "Invalid query: No tokens were parsed from the SQL provided."}};
{"R_noTokensFoundInUserQuery", "Invalid query: No tokens were parsed from the SQL provided."},
{"R_invalidInsertValuesQuery", "Error when matching VALUES list to Table columns. Please verify user SQL."}};
};