Example of Calling Logic
This example shows how to call the SecDetectionSDK interfaces to initialize, perform, and deinitialize SQL detection.
#include <stdio.h>
#include <dlfcn.h>
#include <stdlib.h>
#include <string.h>
#include "dbsd_intf.h"
#include <unistd.h>
#include <fstream>
#include <vector>
#include <string>
#include "securec.h"
using namespace std;
// Define the callback functions for memory allocation and release.
static void* myMalloc(size_t size) {
return malloc(size);
}
static void myFree(void *memBuff) {
if (memBuff == nullptr){
return;
}
free(memBuff);
}
DBSD_Callbacks callbacks = {
.memAlloc = myMalloc,
.memFree = myFree
};
int main(int argc, char** argv) {
string filename = argv[1];
// Load the shared library.
void* handle = dlopen("./output/lib/libhisec_db_detection.so", RTLD_LAZY);
if (!handle) {
fprintf(stderr, "Failed to load the shared library: %s\n", dlerror());
return EXIT_FAILURE;
}
// Obtain the function pointer.
DBSD_Init_t init_func = (DBSD_Init_t)dlsym(handle, "DBSD_Init");
DBSD_Start_t start_func = (DBSD_Start_t)dlsym(handle, "DBSD_Start");
DBSD_Stop_t stop_func = (DBSD_Stop_t)dlsym(handle, "DBSD_Stop");
DBSD_Uninit_t uninit_func = (DBSD_Uninit_t)dlsym(handle, "DBSD_Uninit");
DBSD_SqliDetect_t detect_func = (DBSD_SqliDetect_t)dlsym(handle, "DBSD_SqliDetect");
DBSD_CheckUserInfo_t check_user_func = (DBSD_CheckUserInfo_t)dlsym(handle, "DBSD_CheckUserInfo");
DBSD_SendUserInfo_t send_user_func = (DBSD_SendUserInfo_t)dlsym(handle, "DBSD_SendUserInfo");
// Check whether the function pointer is successfully obtained.
if (!init_func || !start_func || !stop_func || !uninit_func || !detect_func || !check_user_func || !send_user_func) {
fprintf(stderr, "Failed to obtain the function pointer: %s\n", dlerror());
dlclose(handle);
return EXIT_FAILURE;
}
// Initialize the module.
const char* logPath = "/tmp/raglog";
const char* dataPath = "/tmp/ragdata";
DBSD_RET_CODE ret = init_func(&callbacks, logPath, dataPath);
if (ret != DBSD_RET_OK) {
fprintf(stderr, "Initialization failed\n");
dlclose(handle);
return EXIT_FAILURE;
}
// Start the module.
ret = start_func();
if (ret != DBSD_RET_OK) {
fprintf(stderr, "Startup failed\n");
dlclose(handle);
return EXIT_FAILURE;
}
// Prepare detection data.
// Check user information.
unsigned int userId = 1;
ret = check_user_func(userId);
if (ret == DBSD_RET_OK) {
const char* userInfo = "{\"rolsuper\": false, \"rolsystemadmin\": false, \"rolcreaterole\": false }";
ret = send_user_func(userId, userInfo);
// No need to query user information.
} else {
fprintf(stderr, "Failed to check user information\n");
dlclose(handle);
return EXIT_FAILURE;
}
bool isSync = false;
vector<DBSD_SqliData> data;
std::ifstream file(filename);
std::string line;
// Perform SQL detection.
while (getline(file, line)) {
DBSD_SqliData sqliData;
sqliData.userId = 1;
sqliData.userAddress = "192.168.1.1";
sqliData.sqlStatementLen = line.size();
sqliData.sqlStatement = (char*)malloc(sqliData.sqlStatementLen);
memcpy(sqliData.sqlStatement, line.c_str(), sqliData.sqlStatementLen);
data.push_back(sqliData);
}
file.close();
for (const auto &iter : data) {
ret = detect_func(&iter, isSync);
}
for (const auto iter : data) {
free(iter.sqlStatement );
}
if (ret != DBSD_RET_OK) {
dlclose(handle);
return EXIT_FAILURE;
}
printf("dectect success\n");
sleep(30);
// Stop the module.
ret = stop_func();
if (ret != DBSD_RET_OK) {
fprintf(stderr, "Stop failed\n");
dlclose(handle);
return EXIT_FAILURE;
}
// Deinitialize the module.
ret = uninit_func();
if (ret != DBSD_RET_OK) {
fprintf(stderr, "Deinitialization failed\n");
dlclose(handle);
return EXIT_FAILURE;
}
// Disable the shared library.
dlclose(handle);
return 0;
}
Output:
Logs are stored in /tmp/raglog. The following is an example:
2025-06-18 12:01:51 [unknown] [unknown] localhost 281473028636928 0[0:0#0] 0 [a.out] ERROR: Detect high risk sql events! [event={"eventLevel":4,"eventType":"high risk sql","evidence":{"riskSqlPart":"alter role ","userId":1},"handleLevel":1,"occurTime":1750219311444}]
Parent topic: Reference for SQL Anomaly Detection