suricata icon indicating copy to clipboard operation
suricata copied to clipboard
verified publisher icon OISF

MySQL: parser v2

Open QianKaiLin opened this issue 10 months ago • 3 comments

Make sure these boxes are checked accordingly before submitting your Pull Request -- thank you.

Contribution style:

  • [x] I have read the contributing guide lines at https://docs.suricata.io/en/latest/devguide/contributing/contribution-process.html

Our Contribution agreements:

  • [x] I have signed the Open Information Security Foundation contribution agreement at https://suricata.io/about/contribution-agreement/ (note: this is only required once)

Changes (if applicable):

  • [x] I have updated the User Guide (in doc/userguide/) to reflect the changes made
  • [x] I have updated the JSON schema (in etc/schema.json) to reflect all logging changes (including schema descriptions)

Link to ticket: https://redmine.openinfosecfoundation.org/issues/3446

Describe changes:

  • fix mysql parser bug.
  • fix mysql logger bug.
  • add mysql detection keywords mysql.command and mysql.rows
  • add SV tests.
  • upgrade User Guide document and Upgrade document.

SV_BRANCH=https://github.com/OISF/suricata-verify/pull/2067

QianKaiLin avatar Feb 07 '25 03:02 QianKaiLin

NOTE: This PR may contain new authors.

github-actions[bot] avatar Feb 07 '25 19:02 github-actions[bot]

Codecov Report

:x: Patch coverage is 57.86082% with 981 lines in your changes missing coverage. Please review. :white_check_mark: Project coverage is 80.51%. Comparing base (d4330ef) to head (25b613b). :warning: Report is 1271 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #12541      +/-   ##
==========================================
- Coverage   80.68%   80.51%   -0.18%     
==========================================
  Files         925      929       +4     
  Lines      258914   261234    +2320     
==========================================
+ Hits       208914   210329    +1415     
- Misses      50000    50905     +905
Flag Coverage Δ
fuzzcorpus 56.19% <4.45%> (-0.64%) :arrow_down:
livemode 19.22% <4.54%> (-0.19%) :arrow_down:
pcap 43.66% <4.17%> (-0.54%) :arrow_down:
suricata-verify 63.27% <55.11%> (-0.12%) :arrow_down:
unittests 58.11% <29.13%> (-0.27%) :arrow_down:

Flags with carried forward coverage won't be shown. Click here to find out more.

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

codecov[bot] avatar Feb 07 '25 20:02 codecov[bot]

@QianKaiLin are you planning to address the comments and do a new PR?

victorjulien avatar May 15 '25 13:05 victorjulien

I guess we should take it over

catenacyber avatar Jun 18 '25 08:06 catenacyber

Closing as stale.

victorjulien avatar Oct 04 '25 09:10 victorjulien