CN116108055A - Database dangerous statement detection method, system, equipment and storage medium - Google Patents

Info

Publication number
CN116108055A
Authority
CN
China
Prior art keywords
statement
change
database
database file
dangerous
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310185186.1A
Other languages
Chinese (zh)
Inventor
方海波
黄勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Geely Holding Group Co Ltd
Zhejiang Zeekr Intelligent Technology Co Ltd
Original Assignee
Zhejiang Geely Holding Group Co Ltd
Zhejiang Zeekr Intelligent Technology Co Ltd
Application filed by Zhejiang Geely Holding Group Co Ltd, Zhejiang Zeekr Intelligent Technology Co Ltd
Priority to CN202310185186.1A
Publication of CN116108055A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/242 Query formulation
    • G06F16/2433 Query languages
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23 Updating
    • G06F16/2358 Change logging, detection, and notification
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management


Abstract

The invention provides a method, system, device and storage medium for detecting dangerous database statements, belonging to the technical field of computers. The detection method comprises the following steps: acquiring a database file to be detected; screening out the change statements in the database file by annotating the database file, wherein the change statements comprise update statements and delete statements; and traversing the change statements by annotation-based rewriting, based on a preset detection standard, to detect whether each change statement is a dangerous statement. The method can screen the update and delete change statements out of the database file and, based on the preset detection standard, analyze and check whether a change statement performs a risky whole-table update or whole-table deletion, so that the risks in the file are checked comprehensively when the database file is executed and risky statement operations are identified and intercepted.

Description

Database dangerous statement detection method, system, equipment and storage medium
Technical Field
The invention relates to the technical field of computers, and in particular to a method, system, device, storage medium and vehicle for detecting dangerous database statements.
Background
SQL (Structured Query Language) is a database query and programming language used to access data and to query, update and manage relational database systems.
During project development, a developer who has not fully considered the business logic may write a database statement that deletes a whole table. If the statement satisfies the compiler, it causes no compile-time or execution error. After the system has run online for some time, however, an update or change to the business scenario may trigger access to the deleted data and cause an exception. Because physically deleted data cannot be recovered, the database system that the SQL code is applied to then has difficulty operating normally.
Existing detection of SQL statements relies mainly on the programmer's own coding ability, judgment of the business scenario and manual code review. This kind of review is time-consuming and prone to omissions, so risk detection is inefficient and inaccurate.
It is therefore desirable to devise a method, system, device and storage medium for detecting dangerous database statements to solve the above problems.
Disclosure of Invention
In view of the above drawbacks of the prior art, the present invention provides a method, system, device, storage medium and vehicle for detecting dangerous database statements, to solve the technical problem that prior-art methods for checking database statements are inefficient and prone to omissions.
To achieve the above and other related objects, the present invention provides a method for detecting dangerous database statements, comprising the following steps:
acquiring a database file to be detected;
screening out the change statements in the database file by annotating the database file, wherein the change statements comprise update statements and delete statements;
and traversing the change statements by annotation-based rewriting, based on a preset detection standard, to detect whether each change statement is a dangerous statement.
In an example of the present invention, acquiring the database file to be detected includes:
based on the address or name information of the database file to be detected, fetching the database file from a project repository through a call command; the database file comprises source code in which database statements are integrated or a configuration file in which database statements are integrated.
In an example of the present invention, screening out the change statements in the database file by annotating the database file includes:
creating a proxy class adapted to the database file;
annotating the database file through the proxy class to screen out the change statements in the database file, wherein the change statements include update statements and delete statements.
In an example of the present invention, annotating the database file through the proxy class to screen out the change statements in the database file includes: rewriting the update method and the delete method of the database file through annotations in the proxy class, so as to screen out and traverse the update statements and delete statements in the database file.
In an example of the present invention, traversing the change statements by annotation-based rewriting, based on a preset detection standard, to detect whether each change statement is a dangerous statement includes:
traversing the change statements by annotation-based rewriting;
analyzing each currently rewritten change statement based on the preset detection standard, and judging whether the change statement is a batch operation that updates or deletes a whole table;
if the change statement is a batch operation that updates or deletes a whole table, judging that the change statement contains a risky operation and marking it as a dangerous statement.
In an example of the present invention, analyzing the currently rewritten change statement based on the preset detection standard and judging whether it is a batch operation that updates or deletes a whole table includes:
querying whether an update condition clause or a delete condition clause exists in the currently rewritten change statement; if yes, judging that the currently rewritten change statement is not a batch operation that updates or deletes a whole table; if not, judging that the currently rewritten change statement is a batch operation that updates or deletes a whole table.
In an example of the present invention, before querying whether an update condition clause or a delete condition clause exists in the currently rewritten change statement, the method further includes:
analyzing, through an SQLparameter function, whether the syntax of the currently rewritten change statement is normal; if yes, proceeding to the next detection step for the change statement; if not, marking the change statement as a dangerous statement.
In an embodiment of the present invention, a system for detecting dangerous database statements is further provided, the system including:
a file acquisition module, used for acquiring a database file to be detected;
a statement screening module, used for screening out the change statements in the database file by annotating the database file, wherein the change statements comprise update statements and delete statements;
a risk analysis module, used for traversing the change statements by annotation-based rewriting, based on a preset detection standard, to detect whether a change statement contains a risky operation.
In an embodiment of the present invention, there is also provided a computer device including a processor coupled to a memory, the memory storing program instructions that when executed by the processor implement the method of any of the above.
In an embodiment of the present invention, there is also provided a computer-readable storage medium including a program which, when run on a computer, causes the computer to perform the method of any one of the above.
With the method, system, device and storage medium for detecting dangerous database statements according to the invention, update and delete change statements can be screened out of the database file, and each change statement can be analyzed against the preset detection standard to check whether it performs a risky whole-table update or whole-table deletion, so that the risks in the database file are checked comprehensively when the file is executed and risky statement operations are identified and intercepted. The method can comprehensively check the dangerous statements in database files, effectively improve the efficiency of identifying code gaps across the full code base, and reduce the access difficulty. The invention therefore effectively overcomes some practical problems in the prior art and has high utilization value and practical significance.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a method for detecting dangerous database statements according to an embodiment of the present invention;
FIG. 2 is a flowchart of step S2 according to an embodiment of the present invention;
FIG. 3 is a flowchart of step S3 according to an embodiment of the present invention;
FIG. 4 is a flowchart of step S32 according to an embodiment of the present invention;
FIG. 5 is a block diagram of a system for detecting dangerous database statements according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a computer device according to an embodiment of the invention.
Description of element reference numerals
10. system for detecting dangerous database statements; 11. file acquisition module; 12. statement screening module; 13. risk analysis module.
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be noted that the following embodiments and features in the embodiments may be combined with each other without conflict. It is also to be understood that the terminology used in the examples of the invention is for the purpose of describing particular embodiments only, and is not intended to limit the scope of the invention. The test methods in the following examples, in which specific conditions are not noted, are generally conducted under conventional conditions or under conditions recommended by the respective manufacturers.
It should be understood that the terms such as "upper," "lower," "left," "right," "middle," and "a" and the like are used in this specification for descriptive purposes only and not for purposes of limitation, and that the invention may be practiced without materially departing from the novel teachings and without departing from the scope of the invention.
Referring to FIG. 1 to FIG. 4, the present invention provides a method, system, device, storage medium and vehicle for detecting dangerous database statements, to solve the technical problem that prior-art methods for checking database statements are inefficient and prone to omissions.
The invention provides a method for detecting dangerous database statements in which a proxy class is formed for the database execution class, so that the database file originally executed by the execution class is executed by a proxy class with an embedded risk-check function. The database statements (SQL statements) in the database file are thereby traversed as they are executed, the change statements are checked for risky operations, and any dangerous statement found is marked and intercepted, which realizes a risk check of the database project code.
In addition, the method can be applied to a test system comprising a terminal device, a network and a server. The network is the medium that directly provides the communication link between the terminal device and the server, and may include various connection types, such as wired or wireless communication links or optical fiber cables. The operating system on the terminal device may be a handheld-device operating system (iPhone operating system, iOS), an Android system or another operating system. The terminal device connects to the server through the network to interact with it and to receive or send data, and may be any of various electronic devices that have a display screen and support web browsing, including but not limited to smartphones, tablet computers, portable computers and desktop servers.
Referring to FIG. 1, FIG. 1 is a flowchart of a method for detecting dangerous database statements according to an embodiment of the invention, which includes the following steps:
S1, acquiring a database file to be detected;
In one embodiment of the present invention, in step S1, the database file to be detected is fetched from the project repository by a call command, such as a git clone command, based on the address or name information of the database file to be detected.
In a Java project, database statements are mainly written in one of two ways: by integrating SQL statements in the Java code, or by integrating SQL statements in MyBatis configuration files. MyBatis is an excellent persistence-layer framework that supports ordinary SQL queries, stored procedures and advanced mapping. It eliminates almost all manual JDBC code, manual parameter setting and manual retrieval of result sets, and can use simple XML (Extensible Markup Language) or annotations to configure and map native information, mapping interfaces and Java POJOs (Plain Ordinary Java Objects) to records in the database. For these two ways, therefore, when the database file to be detected is acquired, either the Java source code in which the database statements are integrated or the MyBatis configuration file in which the database statements are integrated can be acquired.
Step S2 is then executed: the change statements in the database file are screened out by annotating the database file, wherein the change statements comprise update statements and delete statements;
In step S2, a proxy class CheckSqlExecutor is created based on the execution class SqlExecutor that invokes the database file, and a detection standard for detecting whether a statement contains a risky operation is preset in CheckSqlExecutor, so that when CheckSqlExecutor rewrites the change statements of the database file through annotations, each change statement is checked for a risky operation.
Specifically, as shown in FIG. 2, step S2, i.e. screening out the change statements in the database file by annotating the database file, includes the following steps:
S21, creating a proxy class adapted to the database file;
In step S21, a proxy class CheckSqlExecutor is created based on the execution class SqlExecutor that invokes the database file, and a detection standard is preset in CheckSqlExecutor, so that each database statement is checked for a risky operation against the detection standard when CheckSqlExecutor annotates the database file.
In an embodiment of the present invention, in step S21, the database file is reloaded by the command "SqlExecutor log = new CheckSqlExecutor()", so that the statements in the database file originally executed by SqlExecutor are executed by CheckSqlExecutor as a proxy, which implements the check for dangerous statements in the code when the database program runs.
S22, annotating the database file through the proxy class to screen out the change statements in the database file, wherein the change statements include update statements and delete statements.
In step S22, the update method and the delete method to be executed in the original execution class SqlExecutor are annotated with @Override in the proxy class CheckSqlExecutor, so as to filter out and traverse specifically the update statements and delete statements in the database file.
Step S3 is then executed: the change statements are traversed by annotation-based rewriting, based on a preset detection standard, to detect whether each change statement is a dangerous statement.
In step S3, the proxy class CheckSqlExecutor rewrites, through annotations, the change statements of the update method and the delete method in the database file, and while doing so checks each currently rewritten change statement for a risky operation against the preset detection standard, to judge whether the change statement is a dangerous statement. When a dangerous statement containing a risky operation is detected, its execution is intercepted, the statement is marked and recorded in a database log sent to a log management system, and the program developer and database administrator are notified by e-mail to review and modify it.
Specifically, as shown in FIG. 3, step S3, i.e. traversing the change statements by annotation-based rewriting, based on a preset detection standard, to detect whether each change statement is a dangerous statement, includes the following steps:
S31, traversing the change statements by annotation-based rewriting; step S31 comprises traversing each change statement by having CheckSqlExecutor rewrite, through annotations, the update method and the delete method of the database file, wherein the change statements comprise update statements and delete statements;
S32, analyzing each currently rewritten change statement based on the preset detection standard, and judging whether the change statement is a batch operation that updates or deletes a whole table;
S33, if the change statement is a batch operation that updates or deletes a whole table, judging that the change statement contains a risky operation and marking it as a dangerous statement.
Further, as shown in FIG. 4, step S32, i.e. analyzing each currently rewritten change statement based on the preset detection standard and judging whether it is a batch operation that updates or deletes a whole table, includes the following steps:
S321, querying whether a condition clause exists in the currently rewritten change statement;
S322, if yes, judging that the currently rewritten change statement is not a batch operation that updates or deletes a whole table;
S323, if not, judging that the currently rewritten change statement is a batch operation that updates or deletes a whole table.
In step S32, the contains function is used to query whether the keyword "where" of a condition clause exists in the currently rewritten update statement or delete statement. If it does not exist, the update statement or delete statement may be a batch operation that updates or deletes a whole table, and is therefore judged to be a dangerous statement. If it exists, the update statement or delete statement is defined as a restricted update operation or restricted delete operation and carries no risk.
In addition, in an embodiment of the present invention, in step S32, before querying whether a condition clause exists in the currently rewritten change statement, the method further includes a syntax check of the currently rewritten change statement, which includes the following steps:
first, the code of the change statement is normalized: the currently rewritten change statement is converted uniformly to lowercase characters through the String toLowerCase() instruction;
then, whether the syntax of the currently rewritten change statement is normal is analyzed through an SQLparameter function;
if yes, step S321 is executed to perform the next check for risky operations in the change statement; if not, the change statement is marked as a dangerous statement.
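The proxy check from steps S2 and S3, written out in Java as an added example that is not code from the patent. The `SqlExecutor` method signatures, `RecordingExecutor`, the regex stand-in for the syntax step and the sample statements are assumptions; the example also goes beyond the page by running a token-based check, which ignores string literals and comments, beside the substring test for the "where" keyword that the page describes.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;

public class DangerousStatementDemo {

    /** Assumed shape of the execution class; the page names it but gives no signatures. */
    interface SqlExecutor {
        int update(String sql);
        int delete(String sql);
    }

    /** Hypothetical stand-in for the real executor: records what would reach the database. */
    static class RecordingExecutor implements SqlExecutor {
        final List<String> executed = new ArrayList<>();
        @Override public int update(String sql) { executed.add(sql); return 1; }
        @Override public int delete(String sql) { executed.add(sql); return 1; }
    }

    enum Verdict { OK, SYNTAX_SUSPECT, WHOLE_TABLE }

    /** Proxy that checks every change statement before delegating it. */
    static class CheckSqlExecutor implements SqlExecutor {
        // Structural stand-in for the syntax-analysis step (assumption, not a full SQL parser).
        private static final Pattern SHAPE = Pattern.compile(
                "^\\s*(update\\s+\\S+\\s+set\\s+.+|delete\\s+from\\s+\\S+.*)$", Pattern.DOTALL);
        private static final Pattern WHERE_TOKEN = Pattern.compile("\\bwhere\\b");

        private final SqlExecutor delegate;
        private final boolean tokenCheck;
        final List<String> flagged = new ArrayList<>();

        CheckSqlExecutor(SqlExecutor delegate, boolean tokenCheck) {
            this.delegate = delegate;
            this.tokenCheck = tokenCheck;
        }

        @Override public int update(String sql) { return allowed(sql) ? delegate.update(sql) : -1; }
        @Override public int delete(String sql) { return allowed(sql) ? delegate.delete(sql) : -1; }

        /** Intercepts a dangerous statement: it is recorded and never reaches the delegate. */
        private boolean allowed(String sql) {
            Verdict verdict = classify(sql);
            if (verdict == Verdict.OK) return true;
            flagged.add(verdict + ": " + sql); // the page logs the statement and e-mails the owners here
            return false;
        }

        Verdict classify(String sql) {
            String s = sql.toLowerCase(Locale.ROOT);         // normalisation to lowercase
            if (tokenCheck) s = stripLiteralsAndComments(s); // added hardening, not on the page
            if (!SHAPE.matcher(s).matches()) return Verdict.SYNTAX_SUSPECT;
            boolean hasWhere = tokenCheck ? WHERE_TOKEN.matcher(s).find() : s.contains("where");
            return hasWhere ? Verdict.OK : Verdict.WHOLE_TABLE;
        }

        /** Blanks out '...' literals, then block comments, then line comments. */
        static String stripLiteralsAndComments(String s) {
            return s.replaceAll("'(?:[^']|'')*'", "''")
                    .replaceAll("(?s)/\\*.*?\\*/", " ")
                    .replaceAll("--[^\\n]*", " ");
        }
    }

    public static void main(String[] args) {
        // Constructed sample statements; table and column names are made up.
        String[] samples = {
            "DELETE FROM orders",
            "UPDATE users SET status = 0 WHERE id = 42",
            "UPDATE users SET note = 'ask where to ship'",
            "UPDATE users SET somewhere_flag = 1",
            "DELETE FROM audit_log /* where id = 1 */",
            "DELETE orders"
        };
        for (boolean tokenCheck : new boolean[] {false, true}) {
            RecordingExecutor real = new RecordingExecutor();
            CheckSqlExecutor checked = new CheckSqlExecutor(real, tokenCheck);
            for (String sql : samples) {
                if (sql.trim().toLowerCase(Locale.ROOT).startsWith("update")) {
                    checked.update(sql);
                } else {
                    checked.delete(sql);
                }
            }
            System.out.println((tokenCheck ? "token check" : "substring check")
                    + ": executed=" + real.executed.size() + ", blocked=" + checked.flagged.size());
            checked.flagged.forEach(line -> System.out.println("  " + line));
        }
    }
}
```

A condition that is always true, such as `WHERE 1=1`, passes both modes, so the presence of a WHERE clause shows that a condition was written, not that the change is actually restricted.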
Referring to FIG. 5, FIG. 5 is a block diagram of a system 10 for detecting dangerous database statements according to an embodiment of the invention. The system 10 comprises a file acquisition module 11, a statement screening module 12 and a risk analysis module 13. The functional modules are described in detail as follows:
a file acquisition module 11, configured to acquire a database file to be detected;
a statement screening module 12, configured to screen out the change statements in the database file by annotating the database file, wherein the change statements comprise update statements and delete statements;
a risk analysis module 13, configured to traverse the change statements by annotation-based rewriting, based on a preset detection standard, to detect whether a change statement contains a risky operation.
In one embodiment, the file acquisition module 11 is specifically configured to:
based on the address or name information of the database file to be detected, fetch the database file from a project repository through a call command; the database file comprises source code in which database statements are integrated or a configuration file in which database statements are integrated.
In one embodiment, the statement screening module 12 is specifically configured to:
create a proxy class adapted to the database file;
annotate the database file through the proxy class to screen out the change statements in the database file, wherein the change statements include update statements and delete statements.
In one embodiment, the statement screening module 12 is specifically configured to:
rewrite the update method and the delete method of the database file through annotations in the proxy class, so as to screen out and traverse the update statements and delete statements in the database file.
In one embodiment, the risk analysis module 13 is specifically configured to:
traverse the change statements by annotation-based rewriting;
analyze each currently rewritten change statement based on the preset detection standard, and judge whether the change statement is a batch operation that updates or deletes a whole table;
if the change statement is a batch operation that updates or deletes a whole table, judge that the change statement contains a risky operation and mark it as a dangerous statement.
In one embodiment, the risk analysis module 13 is specifically configured to:
query whether a condition clause exists in the currently rewritten change statement;
if yes, judge that the currently rewritten change statement is not a batch operation that updates or deletes a whole table;
if not, judge that the currently rewritten change statement is a batch operation that updates or deletes a whole table.
In one embodiment, the risk analysis module 13 is specifically configured to:
analyze, through an SQLparameter function, whether the syntax of the currently rewritten change statement is normal;
if yes, proceed to the next detection step for the change statement;
if not, mark the change statement as a dangerous statement.
It should be noted that, in order to highlight the innovative part of the present invention, no module that is not very close to solving the technical problem presented by the present invention is introduced in the present embodiment, but it does not indicate that other modules are not present in the present embodiment.
In addition, it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the system described above may refer to the corresponding process in the foregoing method embodiment, which is not repeated herein. In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, and for example, the division of the modules is merely a logical function division, and there may be additional divisions when actually implemented, for example, multiple modules or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The modules illustrated as separate components may or may not be physically separate, and components shown as modules may or may not be physical modules, i.e., may be located in one place, or may be distributed over a plurality of network modules. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional module in each embodiment of the present invention may be integrated into one processing module, or each module may exist alone physically, or two or more modules may be integrated into one module. The integrated modules may be implemented in hardware or in software functional units.
As shown in FIG. 6, the present embodiment further proposes a computer device, which includes a processor and a memory, the processor and the memory being coupled, the memory storing program instructions, the program instructions stored in the memory implementing the task management method described above when executed by the processor. The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; it may also be a digital signal processor (Digital Signal Processing, abbreviated as DSP), an application specific integrated circuit (Application Specific Integrated Circuit, abbreviated as ASIC), a field-programmable gate array (Field-Programmable Gate Array, abbreviated as FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The memory may include random access memory (Random Access Memory, RAM) and may also include non-volatile memory (Non-Volatile Memory), such as at least one disk memory. The memory may be an internal memory of the random access memory (Random Access Memory, RAM) type, and the processor and memory may be integrated into one or more separate circuits or hardware, such as an application specific integrated circuit (Application Specific Integrated Circuit, ASIC). It should be noted that the computer program in the above-mentioned memory may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as a separate product. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, an electronic device, or a network device, etc.) to perform all or part of the steps of the method of the various embodiments of the present invention.
The present embodiment also proposes a computer-readable storage medium storing computer instructions for causing a computer to execute the task management method described above. The storage medium may be an electronic medium, a magnetic medium, an optical medium, an electromagnetic medium, an infrared medium, or a semiconductor system or propagation medium. The storage medium may also include semiconductor or solid state memory, magnetic tape, removable computer diskette, random Access Memory (RAM), read-only memory (ROM), rigid magnetic disk and optical disk. Optical discs may include compact disc-read only memory (CD-ROM), compact disc-read/write (CD-RW), and DVD.
According to the database dangerous statement detection method, system, equipment and storage medium, update or delete change statements can be screened out of the database file, and each change statement is analyzed against the preset detection standard to check whether it carries the risk operation of a whole-table update or whole-table deletion, so that the risks in the database file are comprehensively checked when the database file is executed, and risky statement operations are identified and intercepted. The detection method can comprehensively check the dangerous statements in database files, effectively improve the recognition efficiency of the code blanks in full quantity, and reduce the access difficulty. Therefore, the invention effectively overcomes some practical problems in the prior art and has high utilization value and practical significance.
The above embodiments merely illustrate the principles of the present invention and its effects, and are not intended to limit the invention. Those skilled in the art may modify or vary the above-described embodiments without departing from the spirit and scope of the invention. Accordingly, all equivalent modifications and variations made by those of ordinary skill in the art without departing from the spirit and scope of the present disclosure shall be covered by the claims of the invention.

Claims (10)

1. A method for detecting a database dangerous statement, comprising:
acquiring a database file to be detected;
screening out the change statements in the database file by annotating the database file; wherein the change statements comprise update statements and delete statements;
and traversing the change statements in an annotation-rewriting manner based on a preset detection standard, so as to detect whether each change statement is a dangerous statement.
2. The method for detecting a database dangerous statement according to claim 1, wherein said acquiring a database file to be detected comprises:
based on address or name information of the database file to be detected, calling the database file from a project repository through a calling command; wherein the database file comprises source code integrated with database statements or configuration files integrated with database statements.
3. The method for detecting a database dangerous statement according to claim 1, wherein said screening out the change statements in said database file by annotating said database file comprises:
creating a proxy class adapted to the database file;
annotating the database file through the proxy class to screen out the change statements in the database file; wherein the change statements comprise update statements and delete statements.
4. The method for detecting a database dangerous statement according to claim 3, wherein annotating the database file through the proxy class to screen out the change statements in the database file comprises:
rewriting the update method and the deletion method of the database file through annotations in the proxy class, so as to screen out and traverse the update statements and the delete statements in the database file.
5. The method for detecting a database dangerous statement according to claim 1, wherein traversing the change statements in an annotation-rewriting manner based on a preset detection standard to detect whether each change statement is a dangerous statement comprises:
traversing the change statements in an annotation-rewriting manner;
analyzing each currently rewritten change statement based on the preset detection standard, and judging whether the change statement is a batch operation with whole-table update or whole-table deletion;
if the change statement is a batch operation with whole-table update or whole-table deletion, judging that the change statement has a risk operation, and marking the change statement as a dangerous statement.
6. The method for detecting a database dangerous statement according to claim 5, wherein said analyzing each currently rewritten change statement based on the preset detection standard and judging whether the change statement is a batch operation with whole-table update or whole-table deletion comprises:
querying whether a conditional statement exists in the currently rewritten change statement;
if yes, judging that the currently rewritten change statement is not a batch operation with whole-table update or whole-table deletion;
if not, judging that the currently rewritten change statement is a batch operation with whole-table update or whole-table deletion.
7. The method for detecting a database dangerous statement according to claim 6, further comprising, before querying whether a conditional statement exists in the currently rewritten change statement:
analyzing whether the grammar of the currently rewritten change statement is normal through an SQLparameter function;
if yes, proceeding to the next detection step for the change statement;
if not, marking the change statement as a dangerous statement.
8. A system for detecting a database dangerous statement, comprising:
a file acquisition module, used for acquiring a database file to be detected;
a statement screening module, used for screening out the change statements in the database file by annotating the database file; wherein the change statements comprise update statements and delete statements;
a risk analysis module, used for traversing the change statements in an annotation-rewriting manner based on a preset detection standard, so as to detect whether each change statement has a risk operation.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 7.
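The detection order in claims 5 to 7 (syntax check first, then the test for a condition clause) can be exercised on a small script; this is an added example, not code from the patent. The function names, the regex tokenizer and the simplified single-table syntax check are assumptions standing in for the proxy class and parser function the claims mention.

```python
import re

# Comments, quoted literals, a stray (unterminated) quote, words, any other symbol.
TOKEN = re.compile(r"""--[^\n]*|/\*.*?\*/|'(?:[^']|'')*'|"[^"]*"|`[^`]*`|['"`]|\w+|\S""", re.S)

def split_statements(sql_text):
    """Tokenize a script, drop comments, split on ';' outside literals."""
    stmts, cur = [], []
    for tok in TOKEN.findall(sql_text):
        if tok == ";":
            stmts.append(cur)
            cur = []
        elif not tok.startswith(("--", "/*")):
            cur.append(tok)
    return [s for s in stmts + [cur] if s]

def classify(stmt):
    """Return 'ok', 'syntax_error' or 'whole_table' for one UPDATE/DELETE."""
    words = [t.upper() for t in stmt]
    # Claim 7: syntax check first (simplified, assumed grammar); failure is dangerous.
    head_ok = (words[0] == "UPDATE" and "SET" in words[2:]) or \
              (words[:2] == ["DELETE", "FROM"] and len(words) > 2)
    if not head_ok or any(t in ("'", '"', "`") for t in stmt):
        return "syntax_error"
    depth, has_where = 0, False
    for w in words:
        depth += (w == "(") - (w == ")")
        if depth < 0:
            return "syntax_error"
        # Claim 6: only a WHERE at depth 0 counts, not one in a subquery or literal.
        has_where = has_where or (w == "WHERE" and depth == 0)
    if depth != 0:
        return "syntax_error"
    return "ok" if has_where else "whole_table"

def scan(sql_text):
    """Screen out the change statements and classify each one."""
    return [(" ".join(s), classify(s)) for s in split_statements(sql_text)
            if s[0].upper() in ("UPDATE", "DELETE")]

# Constructed sample script, not taken from the patent.
SAMPLE = """
SELECT * FROM orders WHERE id = 7;
UPDATE orders SET status = 'closed' WHERE id = 7;
DELETE FROM orders;  -- WHERE id = 7
UPDATE users SET note = 'no WHERE here; really';
UPDATE stock SET qty = (SELECT max(qty) FROM audit WHERE sku = 1);
DELETE FROM logs WHERE (ts < 100;
"""
```

A statement such as `DELETE FROM sessions WHERE 1 = 1` is classified `ok`, because the criterion in claim 6 asks only whether a condition is present, not whether it narrows the affected rows.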

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310185186.1A CN116108055A (en) 2023-02-23 2023-02-23 Database dangerous statement detection method, system, equipment and storage medium


Publications (1)

Publication Number Publication Date
CN116108055A true CN116108055A (en) 2023-05-12

Family

ID=86259861



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination