search

pingcap / tiflash

The analytical engine for TiDB and TiDB Cloud. Try free: https://tidbcloud.com/free-trial
https://docs.pingcap.com/tidb/stable/tiflash-overview
Apache License 2.0
945 stars 409 forks source link

TiFlash doesn't support $ in Integration Tests #5275

Closed lizhenhuan closed 2 years ago

lizhenhuan commented 2 years ago

Bug Report

Please answer these questions before submitting your issue. Thanks!

1. Minimal reproduce step (Required)

cd tests ./run-test.sh fullstack-test/expr/upper.test This test will success. vi fullstack-test/expr/upper.test 1.add "insert into test.t values('pi$ng');" after origin insert sql 2.add "PI$NG" in excepted result at last

image

run test again, this test is failed

image

This may because the integration tests framework doesn't support $ . It may delete $ and the letter followed by $

2. What did you expect to see? (Required)

after add $ in upper.test ,this test case still success

3. What did you see instead (Required)

after add $ in upper.test ,this test case will fail

4. What is your TiFlash version? (Required)

TiFlash master branch

Willendless commented 2 years ago

Unfortunately, this seems to also be a security problem.

The cause of this bug is that the integration test script constructs a mysql client command line to execute each mysql commands in test file, e.g. os.popen("mysql -u root -P 4000 -h 127.0.0.1 -e "insert into test.t values ('$$')"").

Then a sh subprocess will execute mysql client with arguments, but before that, sh subprocess will first expand '$$' to be current process's id...

And finally, the command executed by tidb turns to be insert into test.t values (current_process_id)...

As for your case, sh subprocess treats $NG as an env variable, which is actually unset and only passes PI to the tidb. So in the execution result only PI is left.

Willendless commented 2 years ago

/assign