使用调用逻辑示例
该示例代码演示了如何调用SecDetectionSDK的接口完成初始化、SQL检测以及反初始化。
#include <stdio.h>
#include <dlfcn.h>
#include <stdlib.h>
#include <string.h>
#include "dbsd_intf.h"
#include <unistd.h>
#include <fstream>
#include <vector>
#include <string>
#include "securec.h"
using namespace std;
// Memory allocation and release callbacks supplied to the SDK.

/// Allocation callback: forwards the request to the C heap.
/// @param size  number of bytes requested
/// @return pointer returned by malloc(); may be null when allocation fails
static void* myMalloc(size_t size) {
    void* const block = malloc(size);
    return block;
}
/// Release callback: returns a buffer to the C heap.
/// A null pointer is accepted and ignored.
/// @param memBuff  buffer to release, or nullptr
static void myFree(void *memBuff) {
    if (memBuff != nullptr) {
        free(memBuff);
    }
}
// Callback table handed to DBSD_Init in main(): memAlloc is served by
// myMalloc and memFree by myFree.
// Designated initializers in C++ need C++20 or a compiler extension.
DBSD_Callbacks callbacks = {
.memAlloc = myMalloc,
.memFree = myFree
};
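/**
 * Sample driver for the SecDetectionSDK SQL detection interface.
 *
 * Flow: read the SQL statements from the file named by argv[1], load the
 * detection library, resolve the DBSD_* entry points, initialise and start
 * the module, register user 1, submit every line for detection, wait, then
 * stop and uninitialise the module.
 *
 * @param argc  argument count; at least 2 is required
 * @param argv  argv[1] is the path of a text file holding one SQL statement per line
 * @return 0 on success, EXIT_FAILURE on any error
 */
int main(int argc, char** argv) {
    // Fix: argv[1] was used unconditionally; building a std::string from a
    // null pointer is undefined behaviour when no argument is supplied.
    if (argc < 2 || argv[1] == nullptr) {
        fprintf(stderr, "用法: %s <SQL文件>\n",
                (argc > 0 && argv[0] != nullptr) ? argv[0] : "a.out");
        return EXIT_FAILURE;
    }
    const std::string filename = argv[1];

    // Read the statements up front so an unreadable file is reported as an
    // error instead of silently producing an empty, "successful" run.
    std::vector<std::string> statements;
    {
        std::ifstream file(filename);
        if (!file.is_open()) {
            fprintf(stderr, "无法打开SQL文件: %s\n", filename.c_str());
            return EXIT_FAILURE;
        }
        std::string line;
        while (std::getline(file, line)) {
            statements.push_back(line);
        }
    }

    // Load the shared library.
    // NOTE(review): this path is relative, so it is resolved against the
    // current working directory. Outside of a sample, load the library from an
    // absolute path in a directory that only trusted accounts can write to.
    void* handle = dlopen("./output/lib/libhisec_db_detection.so", RTLD_LAZY);
    if (!handle) {
        const char* reason = dlerror();
        fprintf(stderr, "无法加载共享库: %s\n", reason != nullptr ? reason : "unknown");
        return EXIT_FAILURE;
    }

    // Resolve the SDK entry points.
    DBSD_Init_t init_func = (DBSD_Init_t)dlsym(handle, "DBSD_Init");
    DBSD_Start_t start_func = (DBSD_Start_t)dlsym(handle, "DBSD_Start");
    DBSD_Stop_t stop_func = (DBSD_Stop_t)dlsym(handle, "DBSD_Stop");
    DBSD_Uninit_t uninit_func = (DBSD_Uninit_t)dlsym(handle, "DBSD_Uninit");
    DBSD_SqliDetect_t detect_func = (DBSD_SqliDetect_t)dlsym(handle, "DBSD_SqliDetect");
    DBSD_CheckUserInfo_t check_user_func = (DBSD_CheckUserInfo_t)dlsym(handle, "DBSD_CheckUserInfo");
    DBSD_SendUserInfo_t send_user_func = (DBSD_SendUserInfo_t)dlsym(handle, "DBSD_SendUserInfo");

    // Every entry point must be present before any of them is called.
    if (!init_func || !start_func || !stop_func || !uninit_func || !detect_func || !check_user_func || !send_user_func) {
        // dlerror() can return null here (for example when a later lookup
        // succeeded); passing null to %s is undefined, so substitute a label.
        const char* reason = dlerror();
        fprintf(stderr, "无法获取函数指针: %s\n", reason != nullptr ? reason : "unknown");
        dlclose(handle);
        return EXIT_FAILURE;
    }

    // Best-effort teardown for the error paths, mirroring the normal
    // stop -> uninit -> dlclose order so a failed run does not leave the module
    // started or initialised.
    // NOTE(review): assumes DBSD_Stop / DBSD_Uninit may be called after a
    // partial failure; confirm against the SDK reference.
    bool initialised = false;
    bool started = false;
    auto fail = [&]() -> int {
        if (started) {
            (void)stop_func();
        }
        if (initialised) {
            (void)uninit_func();
        }
        dlclose(handle);
        return EXIT_FAILURE;
    };

    // Initialise the module.
    // NOTE(review): both paths sit directly under /tmp with fixed names. /tmp
    // is world-writable, so another local account could pre-create or symlink
    // them and read or tamper with the detection log and data. Outside of a
    // sample, use a directory owned by the service account with restrictive
    // permissions.
    const char* logPath = "/tmp/raglog";
    const char* dataPath = "/tmp/ragdata";
    DBSD_RET_CODE ret = init_func(&callbacks, logPath, dataPath);
    if (ret != DBSD_RET_OK) {
        fprintf(stderr, "初始化失败\n");
        return fail();
    }
    initialised = true;

    // Start the module.
    ret = start_func();
    if (ret != DBSD_RET_OK) {
        fprintf(stderr, "启动失败\n");
        return fail();
    }
    started = true;

    // Register the user whose statements will be checked.
    const unsigned int userId = 1;
    ret = check_user_func(userId);
    if (ret != DBSD_RET_OK) {
        fprintf(stderr, "检查用户信息失败\n");
        return fail();
    }
    const char* userInfo = "{\"rolsuper\": false, \"rolsystemadmin\": false, \"rolcreaterole\": false }";
    // Fix: the result of DBSD_SendUserInfo was stored but never checked.
    ret = send_user_func(userId, userInfo);
    if (ret != DBSD_RET_OK) {
        fprintf(stderr, "发送用户信息失败\n");
        return fail();
    }

    // Build one request per statement. The requests point into `statements`,
    // which stays alive until main() returns, i.e. until after the module has
    // been stopped. The earlier version freed each buffer right after
    // submitting with isSync == false; whether the SDK copies the statement
    // before returning is not shown here, so the buffers are kept alive
    // instead. std::string storage is also NUL-terminated, and no unchecked
    // malloc() result is written through.
    const bool isSync = false;
    std::vector<DBSD_SqliData> data;
    data.reserve(statements.size());
    for (std::string& statement : statements) {
        DBSD_SqliData sqliData{};  // value-initialise so unset fields are not garbage
        sqliData.userId = userId;
        sqliData.userAddress = "192.168.1.1";
        sqliData.sqlStatementLen = statement.size();
        sqliData.sqlStatement = &statement[0];
        data.push_back(sqliData);
    }

    // Run detection on every statement.
    // Fix: only the result of the last call used to be examined, so an earlier
    // failure was masked by a later success.
    bool detectFailed = false;
    for (const auto& item : data) {
        if (detect_func(&item, isSync) != DBSD_RET_OK) {
            detectFailed = true;
        }
    }
    if (detectFailed) {
        fprintf(stderr, "SQL检测失败\n");
        return fail();
    }
    printf("dectect success\n");

    // Presumably gives the asynchronous detection time to finish and write its
    // log before the module is stopped -- confirm against the SDK reference.
    sleep(30);

    // Stop the module.
    ret = stop_func();
    started = false;
    if (ret != DBSD_RET_OK) {
        fprintf(stderr, "停止失败\n");
        return fail();
    }

    // Uninitialise the module.
    ret = uninit_func();
    initialised = false;
    if (ret != DBSD_RET_OK) {
        fprintf(stderr, "反初始化失败\n");
        return fail();
    }

    // Unload the shared library.
    dlclose(handle);
    return 0;
}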
运行结果:
日志输出在“/tmp/raglog”中,内容如下:
2025-06-18 12:01:51 [unknown] [unknown] localhost 281473028636928 0[0:0#0] 0 [a.out] ERROR: Detect high risk sql events! [event={"eventLevel":4,"eventType":"high risk sql","evidence":{"riskSqlPart":"alter role ","userId":1},"handleLevel":1,"occurTime":1750219311444}]