Skip to content

Fix JDBC URL parsing crash when no port specified#11550

Merged
gh-worker-dd-mergequeue-cf854d[bot] merged 5 commits into
masterfrom
vzakharov/jdbc_parse_fix
Jun 4, 2026
Merged

Fix JDBC URL parsing crash when no port specified#11550
gh-worker-dd-mergequeue-cf854d[bot] merged 5 commits into
masterfrom
vzakharov/jdbc_parse_fix

Conversation

@ValentinZakharov
Copy link
Copy Markdown
Contributor

@ValentinZakharov ValentinZakharov commented Jun 3, 2026

What Does This Do

Guards the lastIndexOf(':') split in MODIFIED_URL_LIKE.doParse() so it only splits on a colon that appears after ://. If no such colon exists, the full URL is used as-is.

Motivation

DB2/AS400 JDBC URLs without an explicit port that contain = caused a crash in the agent:

java.lang.StringIndexOutOfBoundsException
    at java.lang.String.substring(String.java:1841)
    at datadog.trace.bootstrap.instrumentation.jdbc.JDBCConnectionUrlParser$2.doParse(JDBCConnectionUrlParser.java:109)
    at datadog.trace.bootstrap.instrumentation.jdbc.JDBCConnectionUrlParser$9.doParse(JDBCConnectionUrlParser.java:344)
    at datadog.trace.bootstrap.instrumentation.jdbc.JDBCConnectionUrlParser.parse(JDBCConnectionUrlParser.java:871)

The root cause: when a URL like jdbc:db2://host/db?user=foo is parsed, the code uses lastIndexOf(':') to find the parameter section separator. With no explicit port, the only : is the scheme colon (position 3), so urlPart1 is cut to just "db2". The subsequent urlPart1.substring(hostIndex + 3) - i.e. "db2".substring(6) - throws

URLs that trigger the bug:

  • jdbc:db2://myhost/mydb?user=admin
  • jdbc:db2://myhost/mydb?user=admin&connectionTimeout=30
  • jdbc:as400://myhost/mydb?user=admin

URLs that work fine (explicit port puts a : past ://):

  • jdbc:db2://myhost:50000/mydb:user=admin;password=secret;

Additional Notes

  • The exception was swallowed by the parser's catch block, so the app didn't crash - but host and user were silently lost from the span.

Contributor Checklist

  • Format the title according to the contribution guidelines
  • Assign the type: and (comp: or inst:) labels in addition to any other useful labels
  • Avoid using close, fix, or any linking keywords when referencing an issue
    Use solves instead, and assign the PR milestone to the issue
  • Update the CODEOWNERS file on source file addition, migration, or deletion
  • Update public documentation with any new configuration flags or behaviors
  • Add your completed PR to the merge queue by commenting /merge. You can also:
    • Customize the commit message associated with the merge with /merge --commit-message "..."
    • Remove your PR from the merge queue with /merge -c
    • Skip all merge queue checks with /merge -f --reason "reason"; please use this judiciously, as some checks do not run at the PR-level
    • Get more information in this doc

Jira ticket: [PROJ-IDENT]

@ValentinZakharov ValentinZakharov self-assigned this Jun 3, 2026
@ValentinZakharov ValentinZakharov requested a review from a team as a code owner June 3, 2026 15:31
@ValentinZakharov ValentinZakharov added type: bug Bug report and fix comp: core Tracer core inst: jdbc JDBC instrumentation labels Jun 3, 2026
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Jun 3, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f8a5e56949

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread ...trap/src/main/java/datadog/trace/bootstrap/instrumentation/jdbc/JDBCConnectionUrlParser.java Outdated
@datadog-prod-us1-3

This comment has been minimized.

Sign in to view
@dd-octo-sts
Copy link
Copy Markdown
Contributor

dd-octo-sts Bot commented Jun 3, 2026
edited
Loading

🟢 Java Benchmark SLOs — All performance SLOs passed

Suite Status
Startup 🟢 pass

SLO thresholds are defined here based on automatically generated metrics. A warning is raised when results are within 5% of the threshold.

PR vs. master results
Scenario Candidate master Δ (95% CI of mean)
startup:insecure-bank:iast:Agent 13.94 s 13.94 s [-1.1%; +1.2%] (no difference)
startup:insecure-bank:tracing:Agent 12.86 s 12.92 s [-1.6%; +0.7%] (no difference)
startup:petclinic:appsec:Agent 16.58 s 15.46 s [-1.6%; +16.1%] (unstable)
startup:petclinic:iast:Agent 16.59 s 16.68 s [-1.7%; +0.6%] (no difference)
startup:petclinic:profiling:Agent 16.51 s 16.54 s [-1.5%; +1.2%] (no difference)
startup:petclinic:tracing:Agent 15.83 s 15.89 s [-1.5%; +0.7%] (no difference)

Commit: 11505809 · CI Pipeline · Benchmarking Platform UI

Load and DaCapo benchmarks can be triggered manually in the GitLab pipeline. Results will appear in the Benchmarking Platform UI after completion.

amarziali
amarziali approved these changes Jun 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@amarziali amarziali left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for fixing that. I left a couple of suggestions to encourage using TableTest in the the junit

Comment thread ...c/test/java/datadog/trace/bootstrap/instrumentation/jdbc/JDBCConnectionUrlParserDB2Test.java Outdated
class JDBCConnectionUrlParserDB2Test {

@ParameterizedTest
@CsvSource({
Copy link
Copy Markdown
Contributor

@amarziali amarziali Jun 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you can use @TableTest that we're actively using in the groovy to junit migration

Copy link
Copy Markdown
Contributor Author

@ValentinZakharov ValentinZakharov Jun 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, fixed

Comment thread ...c/test/java/datadog/trace/bootstrap/instrumentation/jdbc/JDBCConnectionUrlParserDB2Test.java Outdated
// databasename param in query string should be parsed into db field
"jdbc:db2://db2.host/mydb?user=db2user&databasename=otherdb, db2, db2.host, db2user, otherdb",
})
void db2UrlWithDatabasenameQueryParamShouldParseDbCorrectly(
Copy link
Copy Markdown
Contributor

@amarziali amarziali Jun 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you can collapse the two test since the assertions look the same

Copy link
Copy Markdown
Contributor Author

@ValentinZakharov ValentinZakharov Jun 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point! Thanks

@dd-octo-sts dd-octo-sts Bot added the tag: ai generated Largely based on code generated by an AI or LLM label Jun 4, 2026
@ValentinZakharov ValentinZakharov force-pushed the vzakharov/jdbc_parse_fix branch from 3bf77c8 to 34ed85a Compare June 4, 2026 08:32
@ValentinZakharov ValentinZakharov added tag: ai generated Largely based on code generated by an AI or LLM and removed tag: ai generated Largely based on code generated by an AI or LLM labels Jun 4, 2026
@ValentinZakharov ValentinZakharov force-pushed the vzakharov/jdbc_parse_fix branch from 34ed85a to 344efdb Compare June 4, 2026 10:13
@ValentinZakharov ValentinZakharov requested a review from a team as a code owner June 4, 2026 10:13
@ValentinZakharov ValentinZakharov force-pushed the vzakharov/jdbc_parse_fix branch from 344efdb to 1150580 Compare June 4, 2026 10:16
@ValentinZakharov ValentinZakharov added this pull request to the merge queue Jun 4, 2026
@dd-octo-sts
Copy link
Copy Markdown
Contributor

dd-octo-sts Bot commented Jun 4, 2026

/merge

@gh-worker-devflow-routing-ef8351
Copy link
Copy Markdown

gh-worker-devflow-routing-ef8351 Bot commented Jun 4, 2026
edited
Loading

View all feedbacks in Devflow UI.

2026-06-04 12:51:17 UTC ℹ️ Start processing command /merge

2026-06-04 12:51:22 UTC ℹ️ MergeQueue: pull request added to the queue

The expected merge time in master is approximately 1h (p90).

2026-06-04 14:01:19 UTC ℹ️ MergeQueue: This merge request was merged

@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jun 4, 2026
@gh-worker-dd-mergequeue-cf854d gh-worker-dd-mergequeue-cf854d Bot merged commit 20950de into master Jun 4, 2026
572 checks passed
@gh-worker-dd-mergequeue-cf854d gh-worker-dd-mergequeue-cf854d Bot deleted the vzakharov/jdbc_parse_fix branch June 4, 2026 14:01
@github-actions github-actions Bot added this to the 1.64.0 milestone Jun 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@manuel-alvarez-alvarez manuel-alvarez-alvarez manuel-alvarez-alvarez approved these changes

@amarziali amarziali amarziali approved these changes

Assignees

@ValentinZakharov ValentinZakharov

Labels

comp: core Tracer core inst: jdbc JDBC instrumentation tag: ai generated Largely based on code generated by an AI or LLM type: bug Bug report and fix

Projects

None yet

Milestone

1.64.0

Development

Successfully merging this pull request may close these issues.

3 participants

@ValentinZakharov @manuel-alvarez-alvarez @amarziali