Bug#33966181 : JSON audit log has misleading "sql_command": "error" for

Omar Sharieff · dahlerlend · commit c35d584485c7 · 2023-06-02T18:32:58.000+02:00
prepared statements

Description:
Running server commands (\u / use, \s) or calling
C API functions (mysql_refresh, mysql_stat, mysql_dump_debug_info,
mysql_ping, mysql_set_server_option, mysql_list_processes,
mysql_reset_connection) can lead to an error being indicated in
the audit log even when there is no error.

Fix:
A check that prevents logging an error while running / calling
valid server commands and C API functions.

Change-Id: I8adccd30b749847559b49fc1e2bd48c5606ac311
diff --git a/sql/server_component/mysql_server_event_tracking_bridge_imp.cc b/sql/server_component/mysql_server_event_tracking_bridge_imp.cc
@@ -1024,8 +1024,16 @@ DEFINE_BOOL_METHOD(Event_general_bridge_implementation::notify,
         TO_LEXCSTRING(event_information->external_user_);
     plugin_data.general_rows =
         static_cast<unsigned long long>(event_information->rows_);
-    plugin_data.general_sql_command =
-        sql_statement_names[thd->lex->sql_command];
+
+    if (event_information->command_.str != nullptr &&
+        thd->lex->sql_command == SQLCOM_END &&
+        thd->get_command() != COM_QUERY) {
+      plugin_data.general_sql_command = {STRING_WITH_LEN("")};
+    } else {
+      plugin_data.general_sql_command =
+          sql_statement_names[thd->lex->sql_command];
+    }
+
     plugin_data.general_charset = const_cast<CHARSET_INFO *>(
         thd_get_audit_query(thd, &plugin_data.general_query));
     plugin_data.general_time =
diff --git a/sql/server_component/mysql_thd_attributes_imp.cc b/sql/server_component/mysql_thd_attributes_imp.cc
@@ -120,8 +120,13 @@ DEFINE_BOOL_METHOD(mysql_thd_attributes_imp::get,
         *((mysql_cstring_with_length *)inout_pvalue) = val;
       } else if (!strcmp(name, "sql_command")) {
         const char *sql_command = get_sql_command_string(t->lex->sql_command);
-        *((mysql_cstring_with_length *)inout_pvalue) = {sql_command,
-                                                        strlen(sql_command)};
+        if (t->lex->sql_command == SQLCOM_END &&
+            t->get_command() != COM_QUERY) {
+          *((mysql_cstring_with_length *)inout_pvalue) = {"", strlen("")};
+        } else {
+          *((mysql_cstring_with_length *)inout_pvalue) = {sql_command,
+                                                          strlen(sql_command)};
+        }
       } else if (!strcmp(name, "command")) {
         const char *command = get_server_command_string(t->get_command());
         *((mysql_cstring_with_length *)inout_pvalue) = {command,
