From bab3cd1724cb111961d931f514e1bda316de8572 Mon Sep 17 00:00:00 2001
From: Xudong Zhang
Date: Mon, 18 Jul 2022 20:47:00 +0800
Subject: [PATCH] fix bad logging performance of bulk create (#5520) (#5521)

---
 logger/sql.go | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/logger/sql.go b/logger/sql.go
index c8b194c3..bcacc7cf 100644
--- a/logger/sql.go
+++ b/logger/sql.go
@@ -30,6 +30,8 @@ func isPrintable(s string) bool {
 
 var convertibleTypes = []reflect.Type{reflect.TypeOf(time.Time{}), reflect.TypeOf(false), reflect.TypeOf([]byte{})}
 
+var numericPlaceholderRe = regexp.MustCompile(`\$\d+\$`)
+
 // ExplainSQL generate SQL string with given parameters, the generated SQL is expected to be used in logger, execute it might introduce a SQL injection vulnerability
 func ExplainSQL(sql string, numericPlaceholder *regexp.Regexp, escaper string, avars ...interface{}) string {
 	var (
@@ -138,9 +140,18 @@ func ExplainSQL(sql string, numericPlaceholder *regexp.Regexp, escaper string, a
 		sql = newSQL.String()
 	} else {
 		sql = numericPlaceholder.ReplaceAllString(sql, "$$$1$$")
-		for idx, v := range vars {
-			sql = strings.Replace(sql, "$"+strconv.Itoa(idx+1)+"$", v, 1)
-		}
+
+		sql = numericPlaceholderRe.ReplaceAllStringFunc(sql, func(v string) string {
+			num := v[1 : len(v)-1]
+			n, _ := strconv.Atoi(num)
+
+			// position var start from 1 ($1, $2)
+			n -= 1
+			if n >= 0 && n <= len(vars)-1 {
+				return vars[n]
+			}
+			return v
+		})
 	}
 
 	return sql
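Review bot: `n, _ := strconv.Atoi(num)` in the new replacement callback discards the error with no justification, which reads as a silent swallow in a function whose own doc comment warns that its output must never be executed; because `numericPlaceholderRe` only admits `\$\d+\$`, the only possible failure is an out-of-range digit run, and in that case Atoi returns the saturated maximum so the bounds check below falls through to `return v`. That reasoning belongs in a comment on the line, e.g. `// regex guarantees digits only; on overflow n saturates and fails the range check below`, and the range test reads more naturally as `if n >= 0 && n < len(vars) {`. One behaviour change is worth stating in the comment too: the removed loop replaced only the first occurrence of each `$N$` and re-scanned the already-substituted text on every iteration, so a bound value containing a `$2$`-style token could itself be expanded, whereas `ReplaceAllStringFunc` makes a single pass, expanding every occurrence of a placeholder and never re-expanding substituted values. Whether each `vars` entry is already escaped/quoted for logging is decided earlier in ExplainSQL, whose body begins outside this hunk, so the log-injection properties of the result depend on that code rather than on this change.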