Skip to content

refactor some cdc code - phase 1 #21656

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 62 commits into
base: main
Choose a base branch
from
Open

refactor some cdc code - phase 1 #21656

wants to merge 62 commits into from

Conversation

XuPeng-SH
Copy link
Contributor

What type of PR is this?

  • API-change
  • BUG
  • Improvement
  • Documentation
  • Feature
  • Test and CI
  • Code Refactoring

Which issue(s) this PR fixes:

issue #21017

What this PR does / why we need it:

refactor some cdc code

@matrix-meow matrix-meow added the size/XXL Denotes a PR that changes 2000+ lines label Apr 7, 2025
@mergify mergify bot added the kind/refactor Code refactor label Apr 7, 2025
fengttt
fengttt reviewed Apr 16, 2025
View reviewed changes
pkg/cdc/sql_builder.go
incrConfig string,
additionalConfigStr string,
) string {
return fmt.Sprintf(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All these Sprintf based SQL construction are subject to SQL injection. I wonder if we can make it use param binding -- or even if not possible, values be systematically escaped here.

fengttt
fengttt reviewed Apr 16, 2025
View reviewed changes
pkg/cdc/util.go
// compositedUriInfo uri according to the format: mysql://root:[email protected]:6001
// if valid, return true and extracted info
// !!!NOTE!!!
// user and password does not have the special character ( ':' '@' )
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this enforced somehow/somewhere? Otherwise seems to me, the only way is to encode/decode this with &XXX;
Or some better/smarter encode/decode scheme.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fengttt fengttt fengttt approved these changes

@zhangxu19830126 zhangxu19830126 zhangxu19830126 approved these changes

@ck89119 ck89119 ck89119 approved these changes

@daviszhen daviszhen Awaiting requested review from daviszhen daviszhen is a code owner

@qingxinhome qingxinhome Awaiting requested review from qingxinhome qingxinhome is a code owner

@reusee reusee Awaiting requested review from reusee reusee is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
kind/refactor Code refactor size/XXL Denotes a PR that changes 2000+ lines
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@XuPeng-SH @fengttt @zhangxu19830126 @ck89119 @matrix-meow