search

apache / shardingsphere

Empowering Data Intelligence with Distributed SQL for Sharding, Scalability, and Security Across All Databases.
Apache License 2.0
19.95k stars 6.74k forks source link

fuzzy query with encrypt isn't support like operate with escape #32261

Open ShcRes opened 3 months ago

ShcRes commented 3 months ago

Bug Report

For English only, other languages will not accept.

Before report a bug, make sure you have:

Please pay attention on issues you submitted, because we maybe need more details. If no response anymore and we cannot reproduce it on current information, we will close it.

Please answer these questions before submitting your issue. Thanks!

Which version of ShardingSphere did you use?

5.5.0

Which project did you use? ShardingSphere-JDBC or ShardingSphere-Proxy?

ShardingSphere-JDBC

Expected behavior

Logic SQL: 

 select * from table where cipher_column like ? escape ?;

Excepted after encrypt operate SQL:

 select * from table where likequery_column like ? escape ?;

Actual behavior

Actual after encrypt operate SQL: 

select * from table where likequery_column like ?;

‘escape ?’ lost and number of parameters is 2 then Parameter index out of range (2 > number of parameters, which is 1)

Reason analyze (If you can)

Steps to reproduce the behavior, such as: SQL to execute, sharding rule configuration, when exception occur etc.

  1. rule configuration 
    mode:
type: Standalone
repository:
type: JDBC
rules:
- !SINGLE
tables:
  - ds_1.*
- !ENCRYPT
tables:
  pe_table:
    columns:
      card_no:
        cipher:
          name: card_no
          encryptorName: aes_encryptor
        likeQuery:
          name: card_no_like
          encryptorName: like_encryptor
encryptors:
  aes_encryptor:
    type: AES
    props:
      aes-key-value: 123456abc
  like_encryptor:
    type: CHAR_DIGEST_LIKE
  2. exception sql-paramaters: [828081a78f763fb3018f7640e664000b, %xxx%, \, 20] 
    -- Logic SQL:
select 
  petable0_.id,  petable0_.card_no
from pe_table petable0_
where petable0_.fk_batch_id=? 
  and (petable0_.card_no like ? escape ?) order by petable0_.id desc limit ?
    -- Actual SQL:
select 
  petable0_.id, petable0_.card_no
from pe_table petable0_ 
where petable0_.fk_batch_id=? 
   and (petable0_.card_no_like like ?) 
order by petable0_.id desc limit ?

    image

Example codes for reproduce this issue (such as a github link).

strongduanmu commented 3 months ago

Hi @ShcRes, thank you for your feedback. Do you want to submit a pr to fix it?