-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use SET syntax as specified in the MySQL documentation #1402
Use SET syntax as specified in the MySQL documentation #1402
Conversation
An example of how
Notice how there is a trailing With the fix from @beautifulentropy this is the correct output we now see going through
|
thanks |
@beautifulentropy So this is a workaround for a bug in ProxySQL, isn't it? If yes, could you link to the ticket you opened on the ProxySQL project? |
I don't believe it's fair to characterize this as a "workaround for a bug in ProxySQL". In the issue above I describe how this package passes variables using a SET syntax which isn't described in the official MySQL or MariaDB documentation. The PR simply corrects the package to pass the variables using the syntax as specified by the the maintainers of both projects. Similarly, I don't feel that it's appropriate to open an issue with ProxySQL to support a syntax which isn't documented by either project. |
This update pulls in changes that we contributed upstream, which should smooth interactions between Boulder and ProxySQL. Release notes: https://github.com/go-sql-driver/mysql/releases/tag/v1.7.1 Changelog: go-sql-driver/mysql@v1.5.0...v1.7.1 Relevant change: go-sql-driver/mysql#1402
@beautifulentropy Here is the reference documentation:
That documentation doesn't mention anywhere that spaces are mandatory around |
You linked to the correct docs just as the PR description linked to prior versions of mariadb/mysql docs. While the docs do not explicitly go on to explain why spaces are mandatory around
|
Thanks @pgporada 👍🏻. I'd also like to highlight that the link to the SET syntax outlined in the MariaDB documentation, which was provided in the PR description, aligns with the syntax found in the MySQL documentation links you've presented. |
Spaces in examples are for readability for humans. Here we are discussing about machine-to-machine interactions. Spaces are NOT mandatory around commas. |
The root cause here was a ProxySQL bug, see sysown/proxysql#4268 (comment). It appears to have been fixed sometime last year. fwiw, to the best of my knowledge, the MySQL manual and MariaDB manual both use spaces in the grammar strictly for human readability. The server's lexer treats spaces as entirely optional in situations where the division between tokens is unambiguous. For a couple extreme examples, these horribly-formatted queries are actually completely legal:
Ambiguous cases do require spaces, for example you must use I've been using MySQL continuously since 2003, and to the best of my recollection it has always worked this way. The manual doesn't explicitly state this one way or another, to be fair. But it does provide detailed documentation on the rare edge cases in which whitespace is meaningful. Off the top of my head, I can think of only two of those cases:
Since there's no corresponding long discussion in the manual around Anyway, sorry for rambling on a year-old PR. Personally for my two cents, I don't think this PR should be reverted anytime soon. ProxySQL is widely used (it's great software) and it will be a long while until every ProxySQL user upgrades to a new enough version that fixes this bug. Paying a measly two extra bytes per session variable is a low cost to help with compatibility here. That said, for future situations like this, I would strongly urge opening an issue with ProxySQL. Regardless of how one interprets the MySQL manual, this situation is technically a parser differential, and (in general) parser differentials between proxies and backends are like catnip to clever attackers looking for crazy ways to build SQL injection attacks or find information leaks. I doubt this one is exploitable, but who knows, and there's no harm in reporting it. |
@evanelias as much as you might feel awkward for "rambling on a year-old PR". Thanks for taking the time to write this, it was super informative. |
Description
PR #1099 was able save on round-trip-time by
SET
ting multiple variables in a single transaction. However, the syntax used is out of alignment with both the MySQL and MariaDB docs. Specifically there are missing spaces around the equals (=
) sign and after each comma (,
).Syntax output by go-sql-driver/mysql:
Syntax as specified in the MySQL 8.0 documentation.
Syntax as specified in the MariaDB documentation:
The
SET
syntax output by go-sql-driver/mysql is accepted by recent versions of MariaDB in our testing. Unfortunately we've encountered significant issues when these statements are parsed by ProxySQL, a tool we use for efficient routing of queries to our various MariaDB servers.Checklist