!28 [sync] PR-16: Limit javax.annotation-api version to 1.2

From: @openeuler-sync-bot 
Reviewed-by: @caodongxia 
Signed-off-by: @caodongxia

CVE-2017-7536.patch

@@ -0,0 +1,133 @@
+From 56d9abae14a71f1e9b31cb76cde38ad364b43d02 Mon Sep 17 00:00:00 2001
+From: maminjie <maminjie1@huawei.com>
+Date: Sat, 19 Sep 2020 12:39:06 +0800
+Subject: [PATCH] Fix privilege escalation when running under the security
+ manager (CVE-2017-7536)
+
+refers to https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d113
+---
+ documentation/src/main/asciidoc/ch01.asciidoc |  2 ++
+ .../HibernateValidatorPermission.java         | 29 +++++++++++++++++++
+ .../internal/engine/ValidatorImpl.java        |  6 ++++
+ .../privilegedactions/GetDeclaredField.java   |  1 -
+ tck-runner/src/test/resources/test.policy     |  5 ++++
+ 5 files changed, 42 insertions(+), 1 deletion(-)
+ create mode 100644 engine/src/main/java/org/hibernate/validator/HibernateValidatorPermission.java
+
+diff --git a/documentation/src/main/asciidoc/ch01.asciidoc b/documentation/src/main/asciidoc/ch01.asciidoc
+index 59b5ef3..67f7598 100644
+--- a/documentation/src/main/asciidoc/ch01.asciidoc
++++ b/documentation/src/main/asciidoc/ch01.asciidoc
+@@ -105,6 +105,8 @@ grant codeBase "file:path/to/hibernate-validator-{hvVersion}.jar" {
+     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+     permission java.lang.RuntimePermission "accessDeclaredMembers";
+ 
++    permission org.hibernate.validator.HibernateValidatorPermission "accessPrivateMembers";
++
+     // Only needed when working with XML descriptors (validation.xml or XML constraint mappings)
+     permission java.util.PropertyPermission "mapAnyUriToUri", "read";
+ };
+diff --git a/engine/src/main/java/org/hibernate/validator/HibernateValidatorPermission.java b/engine/src/main/java/org/hibernate/validator/HibernateValidatorPermission.java
+new file mode 100644
+index 0000000..fa90ed1
+--- /dev/null
++++ b/engine/src/main/java/org/hibernate/validator/HibernateValidatorPermission.java
+@@ -0,0 +1,29 @@
++/*
++ * Hibernate Validator, declare and validate application constraints
++ *
++ * License: Apache License, Version 2.0
++ * See the license.txt file in the root directory or <http://www.apache.org/licenses/LICENSE-2.0>.
++ */
++package org.hibernate.validator;
++
++import java.security.BasicPermission;
++
++/**
++ * Our specific implementation of {@link BasicPermission} as we cannot define additional {@link RuntimePermission}.
++ * <p>
++ * {@code HibernateValidatorPermission} is thread-safe and immutable.
++ *
++ * @author Guillaume Smet
++ */
++public class HibernateValidatorPermission extends BasicPermission {
++
++   public static final HibernateValidatorPermission ACCESS_PRIVATE_MEMBERS = new HibernateValidatorPermission( "accessPrivateMembers" );
++
++   public HibernateValidatorPermission(String name) {
++       super( name );
++   }
++
++   public HibernateValidatorPermission(String name, String actions) {
++       super( name, actions );
++   }
++}
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/ValidatorImpl.java b/engine/src/main/java/org/hibernate/validator/internal/engine/ValidatorImpl.java
+index ced6804..d4e160c 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/ValidatorImpl.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/ValidatorImpl.java
+@@ -35,6 +35,7 @@
+ import javax.validation.groups.Default;
+ import javax.validation.metadata.BeanDescriptor;
+ 
++import org.hibernate.validator.HibernateValidatorPermission;
+ import org.hibernate.validator.internal.engine.ValidationContext.ValidationContextBuilder;
+ import org.hibernate.validator.internal.engine.constraintvalidation.ConstraintValidatorManager;
+ import org.hibernate.validator.internal.engine.groups.Group;
+@@ -1734,6 +1735,11 @@ private Member getAccessible(Member original) {
+ 		if ( member != null ) {
+ 			return member;
+ 		}
++    
++        SecurityManager sm = System.getSecurityManager();
++        if ( sm != null ) {
++            sm.checkPermission( HibernateValidatorPermission.ACCESS_PRIVATE_MEMBERS );
++        }
+ 
+ 		Class<?> clazz = original.getDeclaringClass();
+ 
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/util/privilegedactions/GetDeclaredField.java b/engine/src/main/java/org/hibernate/validator/internal/util/privilegedactions/GetDeclaredField.java
+index 2169571..5bc6285 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/util/privilegedactions/GetDeclaredField.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/util/privilegedactions/GetDeclaredField.java
+@@ -31,7 +31,6 @@ private GetDeclaredField(Class<?> clazz, String fieldName) {
+ 	public Field run() {
+ 		try {
+ 			final Field field = clazz.getDeclaredField( fieldName );
+-			field.setAccessible( true );
+ 			return field;
+ 		}
+ 		catch ( NoSuchFieldException e ) {
+diff --git a/tck-runner/src/test/resources/test.policy b/tck-runner/src/test/resources/test.policy
+index 7c7b72e..ac9cb25 100644
+--- a/tck-runner/src/test/resources/test.policy
++++ b/tck-runner/src/test/resources/test.policy
+@@ -27,6 +27,8 @@ grant codeBase "file:${localRepository}/org/hibernate/hibernate-validator/${proj
+     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+     permission java.lang.RuntimePermission "accessDeclaredMembers";
+ 
++    permission org.hibernate.validator.HibernateValidatorPermission "accessPrivateMembers";
++
+     // JAXB
+     permission java.util.PropertyPermission "mapAnyUriToUri", "read";
+ };
+@@ -37,6 +39,8 @@ grant codeBase "file:${basedir}/../engine/target/hibernate-validator-${project.v
+     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+     permission java.lang.RuntimePermission "accessDeclaredMembers";
+ 
++    permission org.hibernate.validator.HibernateValidatorPermission "accessPrivateMembers";
++
+     // JAXB
+     permission java.util.PropertyPermission "mapAnyUriToUri", "read";
+ };
+@@ -75,6 +79,7 @@ grant codeBase "file:${project.build.directory}/classes" {
+     permission java.util.PropertyPermission "validation.provider", "read";
+     permission java.io.FilePermission "${localRepository}/org/hibernate/beanvalidation/tck/beanvalidation-tck-tests/${tck.version}/beanvalidation-tck-tests-${tck.version}.jar", "read";
+     permission java.util.PropertyPermission "user.language", "write";
++    permission org.hibernate.validator.HibernateValidatorPermission "accessPrivateMembers";
+ };
+ 
+ grant codeBase "file:${project.build.directory}/test-classes" {
+-- 
+2.23.0
+

CVE-2019-10219.patch

@@ -0,0 +1,95 @@
+From 124b7dd6d9a4ad24d4d49f74701f05a13e56ceee Mon Sep 17 00:00:00 2001
+From: Davide D'Alto <davide@hibernate.org>
+Date: Fri, 18 Oct 2019 16:45:20 +0200
+Subject: [PATCH] HV-1739 Fix CVE-2019-10219 Security issue with @SafeHtml
+
+---
+ .../hv/SafeHtmlValidator.java                 | 10 ++---
+ .../hv/SafeHtmlValidatorTest.java             | 38 +++++++++++++++++++
+ 2 files changed, 43 insertions(+), 5 deletions(-)
+
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/constraintvalidators/hv/SafeHtmlValidator.java b/engine/src/main/java/org/hibernate/validator/internal/constraintvalidators/hv/SafeHtmlValidator.java
+index 7fba356..26e4361 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/constraintvalidators/hv/SafeHtmlValidator.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/constraintvalidators/hv/SafeHtmlValidator.java
+@@ -6,13 +6,13 @@
+  */
+ package org.hibernate.validator.internal.constraintvalidators.hv;
+ 
+-import java.util.Iterator;
++import java.util.List;
+ import javax.validation.ConstraintValidator;
+ import javax.validation.ConstraintValidatorContext;
+ 
+ import org.jsoup.Jsoup;
+ import org.jsoup.nodes.Document;
+-import org.jsoup.nodes.Element;
++import org.jsoup.nodes.Node;
+ import org.jsoup.parser.Parser;
+ import org.jsoup.safety.Cleaner;
+ import org.jsoup.safety.Whitelist;
+@@ -76,9 +76,9 @@ private Document getFragmentAsDocument(CharSequence value) {
+ 		Document document = Document.createShell( "" );
+ 
+ 		// add the fragment's nodes to the body of resulting document
+-		Iterator<Element> nodes = fragment.children().iterator();
+-		while ( nodes.hasNext() ) {
+-			document.body().appendChild( nodes.next() );
++		List<Node> childNodes = fragment.childNodes();
++		for ( Node node : childNodes ) {
++			document.body().appendChild( node.clone() );
+ 		}
+ 
+ 		return document;
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/constraintvalidators/hv/SafeHtmlValidatorTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/constraintvalidators/hv/SafeHtmlValidatorTest.java
+index 65a1f8a..c45aad3 100644
+--- a/engine/src/test/java/org/hibernate/validator/test/internal/constraintvalidators/hv/SafeHtmlValidatorTest.java
++++ b/engine/src/test/java/org/hibernate/validator/test/internal/constraintvalidators/hv/SafeHtmlValidatorTest.java
+@@ -54,6 +54,44 @@ public void testInvalidScriptTagIncluded() throws Exception {
+ 		assertFalse( getSafeHtmlValidator().isValid( "Hello<script>alert('Doh')</script>World !", null ) );
+ 	}
+ 
++	@Test
++	// A "downlevel revealed" conditional 'comment' is not an (X)HTML comment at all,
++	// despite the misleading name, it is default Microsoft syntax.
++	// The tag is unrecognized by therefore executed
++	public void testDownlevelRevealedConditionalComment() throws Exception {
++		descriptorBuilder.setAttribute( "whitelistType", WhiteListType.BASIC );
++
++		assertFalse( getSafeHtmlValidator().isValid( "<![if !IE]>\n<SCRIPT>alert{'XSS'};</SCRIPT>\n<![endif]>", null ) );
++        }
++
++	@Test
++	public void testDownlevelHiddenConditionalComment() throws Exception {
++		descriptorBuilder.setAttribute( "whitelistType", WhiteListType.BASIC );
++
++		assertFalse( getSafeHtmlValidator().isValid( "<!--[if gte IE 4]>\n<SCRIPT>alert{'XSS'};</SCRIPT>\n<![endif]-->", null ) );
++	}
++
++	@Test
++	public void testSimpleComment() throws Exception {
++		descriptorBuilder.setAttribute( "whitelistType", WhiteListType.BASIC );
++
++		assertFalse( getSafeHtmlValidator().isValid( "<!-- Just a comment -->", null ) );
++	}
++
++	@Test
++	public void testServerSideIncludesSSI() throws Exception {
++		descriptorBuilder.setAttribute( "whitelistType", WhiteListType.BASIC );
++
++		assertFalse( getSafeHtmlValidator().isValid( "<? echo{'<SCR}'; echo{'IPT>alert{\"XSS\"}</SCRIPT>'}; ?>", null ) );
++	}
++
++	@Test
++	public void testPHPScript() throws Exception {
++		descriptorBuilder.setAttribute( "whitelistType", WhiteListType.BASIC );
++
++		assertFalse( getSafeHtmlValidator().isValid( "<? echo{'<SCR}'; echo{'IPT>alert{\"XSS\"}</SCRIPT>'}; ?>", null ) );
++	}
++
+ 	@Test
+ 	public void testInvalidIncompleteImgTagWithScriptIncluded() {
+ 		descriptor.setValue( "whitelistType", WhiteListType.BASIC );
+-- 
+2.23.0
+

CVE-2020-10693-1.patch

@@ -0,0 +1,70 @@
+From 29bd0f42bf63e28d9a71adef02af67b319144576 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= <yoann@hibernate.org>
+Date: Mon, 24 Feb 2020 17:58:41 +0100
+Subject: [PATCH] HV-1774 Do not interpret '$\A{1+1}' in message templates
+
+---
+ .../messageinterpolation/parser/ELState.java  |  6 +++++-
+ .../TokenCollectorTest.java                   | 21 ++++++++++++++++++-
+ 2 files changed, 25 insertions(+), 2 deletions(-)
+
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
+index 9460fae05..fda95a153 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
+@@ -51,7 +51,11 @@ public void handleEndTerm(char character, TokenCollector tokenCollector) throws
+ 	@Override
+ 	public void handleEscapeCharacter(char character, TokenCollector tokenCollector)
+ 			throws MessageDescriptorFormatException {
+-		tokenCollector.transitionState( new EscapedState( this ) );
++		tokenCollector.appendToToken( TokenCollector.EL_DESIGNATOR );
++		tokenCollector.appendToToken( character );
++		// Do not go back to this state after the escape: $\ is not the start of an EL expression
++		ParserState stateAfterEscape = new MessageState();
++		tokenCollector.transitionState( new EscapedState( stateAfterEscape ) );
+ 	}
+ 
+ 	@Override
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java
+index 972a9e051..ab9299f17 100644
+--- a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java
++++ b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java
+@@ -8,7 +8,11 @@
+ 
+ import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
+ import org.hibernate.validator.internal.engine.messageinterpolation.parser.MessageDescriptorFormatException;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.Token;
+ import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenCollector;
++
++import org.assertj.core.api.Assertions;
++import org.assertj.core.api.ListAssert;
+ import org.testng.annotations.Test;
+ 
+ /**
+@@ -29,10 +33,25 @@ public void testParameterWithoutOpeningBraceThrowsException() throws Exception {
+ 	}
+ 
+ 	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
+-	public void testELExpressionWithoutOpeningBraceThrowsException() throws Exception {
++	public void testELExpressionDollarThenClosingBraceThrowsException() throws Exception {
+ 		new TokenCollector( "$}", InterpolationTermType.EL );
+ 	}
+ 
++	@Test
++	public void testELExpressionDollarThenEscapeInterpretedAsLiterals() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$\\A{1+1}", InterpolationTermType.EL )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "$\\A", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{1+1}", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
+ 	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
+ 	public void testTermWithoutClosingBraceThrowsException() throws Exception {
+ 		new TokenCollector( "{foo", InterpolationTermType.PARAMETER );

CVE-2020-10693-2.patch

@@ -0,0 +1,79 @@
+From 4b9f2a1a3e1c67fbd29a7fc710c611d7aca6eab9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= <yoann@hibernate.org>
+Date: Tue, 25 Feb 2020 13:05:53 +0100
+Subject: [PATCH] HV-1774 Fix an invalid error message for unbalanced '{'/'}'
+
+---
+ .../internal/engine/messageinterpolation/parser/ELState.java  | 2 +-
+ .../messageinterpolation/parser/InterpolationTermState.java   | 2 +-
+ .../engine/messageinterpolation/parser/MessageState.java      | 2 +-
+ .../org/hibernate/validator/internal/util/logging/Log.java    | 4 ++--
+ 4 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
+index fda95a153..9f480f848 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
+@@ -42,7 +42,7 @@ public void handleBeginTerm(char character, TokenCollector tokenCollector) throw
+ 
+ 	@Override
+ 	public void handleEndTerm(char character, TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+-		throw log.getNonTerminatedParameterException(
++		throw log.getUnbalancedBeginEndParameterException(
+ 				tokenCollector.getOriginalMessageDescriptor(),
+ 				character
+ 		);
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java
+index 9b00c3594..809db34dd 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java
+@@ -17,7 +17,7 @@
+ 
+ 	@Override
+ 	public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+-		throw log.getNonTerminatedParameterException(
++		throw log.getUnbalancedBeginEndParameterException(
+ 				tokenCollector.getOriginalMessageDescriptor(),
+ 				TokenCollector.BEGIN_TERM
+ 		);
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java
+index a8b1de63f..88171668a 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java
+@@ -40,7 +40,7 @@ public void handleBeginTerm(char character, TokenCollector tokenCollector) throw
+ 
+ 	@Override
+ 	public void handleEndTerm(char character, TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+-		throw log.getNonTerminatedParameterException(
++		throw log.getUnbalancedBeginEndParameterException(
+ 				tokenCollector.getOriginalMessageDescriptor(),
+ 				character
+ 		);
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java
+index 678f16e..7d544de 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java
+@@ -48,7 +48,7 @@ public void handleBeginTerm(char character, TokenCollector tokenCollector) throw
+ 
+ 	@Override
+ 	public void handleEndTerm(char character, TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+-		throw log.getNonTerminatedParameterException( tokenCollector.getOriginalMessageDescriptor(), character );
++		throw log.getUnbalancedBeginEndParameterException( tokenCollector.getOriginalMessageDescriptor(), character );
+ 	}
+ 
+ 	@Override
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/util/logging/Log.java b/engine/src/main/java/org/hibernate/validator/internal/util/logging/Log.java
+index 3effce1c9..33034cb0c 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/util/logging/Log.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/util/logging/Log.java
+@@ -552,8 +552,8 @@ ConstraintDefinitionException getValidatorForCrossParameterConstraintMustEitherV
+ 	ValidationException getOverridingConstraintDefinitionsInMultipleMappingFilesException(String constraintClass);
+ 
+ 	@Message(id = 168,
+-			value = "The message descriptor '%1$s' contains an unbalanced meta character '%2$c' parameter.")
+-	MessageDescriptorFormatException getNonTerminatedParameterException(String messageDescriptor, char character);
++			value = "The message descriptor '%1$s' contains an unbalanced meta character '%2$c'.")
++	MessageDescriptorFormatException getUnbalancedBeginEndParameterException(String messageDescriptor, char character);
+ 
+ 	@Message(id = 169,
+ 			value = "The message descriptor '%1$s' has nested parameters.")

CVE-2020-10693-3.patch

@@ -0,0 +1,516 @@
+From c7c904db1b146d24e25927b613155d130bbe40d1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= <yoann@hibernate.org>
+Date: Tue, 25 Feb 2020 15:17:03 +0100
+Subject: [PATCH] HV-1774 Add a few tests to demonstrate the behavior of
+ TokenCollector
+
+---
+ .../AbstractTokenCollectorTest.java           | 186 ++++++++++++++++++
+ .../TokenCollectorMessageExpressionTest.java  | 110 +++++++++++
+ .../TokenCollectorMessageParameterTest.java   | 115 +++++++++++
+ .../TokenCollectorTest.java                   |  64 ------
+ 4 files changed, 411 insertions(+), 64 deletions(-)
+ create mode 100644 engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/AbstractTokenCollectorTest.java
+ create mode 100644 engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageExpressionTest.java
+ create mode 100644 engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageParameterTest.java
+ delete mode 100644 engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java
+
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/AbstractTokenCollectorTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/AbstractTokenCollectorTest.java
+new file mode 100644
+index 000000000..004d5c9bd
+--- /dev/null
++++ b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/AbstractTokenCollectorTest.java
+@@ -0,0 +1,186 @@
++/*
++ * Hibernate Validator, declare and validate application constraints
++ *
++ * License: Apache License, Version 2.0
++ * See the license.txt file in the root directory or <http://www.apache.org/licenses/LICENSE-2.0>.
++ */
++package org.hibernate.validator.test.internal.engine.messageinterpolation;
++
++import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.MessageDescriptorFormatException;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.Token;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenCollector;
++
++import org.assertj.core.api.Assertions;
++import org.testng.annotations.Test;
++
++/**
++ * Abstract base for {@code TokenCollector} tests.
++ *
++ * @author Hardy Ferentschik
++ */
++public abstract class AbstractTokenCollectorTest {
++
++	protected abstract InterpolationTermType getInterpolationTermType();
++
++	@Test
++	public void testLiteral() {
++		Assertions.assertThat(
++				new TokenCollector( "foo bar", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				.returns( "foo bar", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000169.*")
++	public void testNestedParametersThrowException() {
++		new TokenCollector( "#{foo  {}", getInterpolationTermType() );
++	}
++
++	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
++	public void testClosingBraceWithoutOpeningBraceThrowsException() {
++		new TokenCollector( "foo}", getInterpolationTermType() );
++	}
++
++	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
++	public void testOpeningBraceWithoutClosingBraceThrowsException() {
++		new TokenCollector( "{foo", getInterpolationTermType() );
++	}
++
++	@Test
++	public void testBackslashEscapesNonMetaCharacter() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\bar", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\bar", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testBackslashEscapesDollar() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\$ bar", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\$ bar", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testBackslashEscapesOpeningBrace() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\{ bar", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\{ bar", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testBackslashEscapesClosingBrace() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\} bar", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\} bar", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testBackslashEscapesBackslash() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\\\ bar", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\\\ bar", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testBackslashEscapesEL() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\$\\{bar\\}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\$\\{bar\\}", Token::getTokenValue )
++				// What's important is that we did NOT detect the expression
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testBackslashEscapesParameter() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\{bar\\}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				// Backslashes are removed later, in AbstractMessageInterpolator.replaceEscapedLiterals
++				.returns( "foo \\{bar\\}", Token::getTokenValue )
++				// What's important is that we did NOT detect the parameter
++				.returns( false, Token::isParameter );
++	}
++
++	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
++	public void testTrailingClosingBraceThrowsException() {
++		new TokenCollector( "this message contains a invalid parameter start token {", getInterpolationTermType() );
++	}
++
++	@Test
++	public void testDollarThenNonMetaCharacterInterpretedAsLiteral() {
++		Assertions.assertThat(
++				new TokenCollector( "$a", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				.returns( "$a", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testTrailingDollarInterpretedAsLiteral() {
++		Assertions.assertThat(
++				new TokenCollector( "foo $", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				.returns( "foo $", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testTrailingBackslashInterpretedAsLiteral() {
++		Assertions.assertThat(
++				new TokenCollector( "foo \\", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 )
++				.element( 0 )
++				.returns( "foo \\", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++}
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageExpressionTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageExpressionTest.java
+new file mode 100644
+index 000000000..229e34174
+--- /dev/null
++++ b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageExpressionTest.java
+@@ -0,0 +1,110 @@
++/*
++ * Hibernate Validator, declare and validate application constraints
++ *
++ * License: Apache License, Version 2.0
++ * See the license.txt file in the root directory or <http://www.apache.org/licenses/LICENSE-2.0>.
++ */
++package org.hibernate.validator.test.internal.engine.messageinterpolation;
++
++import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.MessageDescriptorFormatException;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.Token;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenCollector;
++
++import org.assertj.core.api.Assertions;
++import org.assertj.core.api.ListAssert;
++import org.testng.annotations.Test;
++
++/**
++ * Tests for {@code TokenCollector} in message expression mode.
++ *
++ * @author Hardy Ferentschik
++ */
++public class TokenCollectorMessageExpressionTest extends AbstractTokenCollectorTest {
++	@Override
++	protected InterpolationTermType getInterpolationTermType() {
++		return InterpolationTermType.EL;
++	}
++
++	// Several tests inherited from the abstract class
++
++	@Test
++	public void testMessageParameter() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "foo {bar}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "foo ", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{bar}", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testMessageExpression() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "foo ${bar}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "foo ", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "${bar}", Token::getTokenValue )
++				.returns( true, Token::isParameter );
++	}
++
++	@Test
++	public void testDollarThenDollarThenParameterInterpretedAsLiterals() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$${1+1}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "$$", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{1+1}", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test
++	public void testDollarThenDollarThenLiteralsInterpretedAsLiterals() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$$foo", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "$$", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "foo", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
++	public void testDollarThenClosingBraceThrowsException() {
++		new TokenCollector( "$}", getInterpolationTermType() );
++	}
++
++	@Test
++	public void testDollarThenEscapeInterpretedAsLiterals() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$\\A{1+1}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "$\\A", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{1+1}", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++}
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageParameterTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageParameterTest.java
+new file mode 100644
+index 000000000..9189f496b
+--- /dev/null
++++ b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorMessageParameterTest.java
+@@ -0,0 +1,115 @@
++/*
++ * Hibernate Validator, declare and validate application constraints
++ *
++ * License: Apache License, Version 2.0
++ * See the license.txt file in the root directory or <http://www.apache.org/licenses/LICENSE-2.0>.
++ */
++package org.hibernate.validator.test.internal.engine.messageinterpolation;
++
++import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.MessageDescriptorFormatException;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.Token;
++import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenCollector;
++
++import org.assertj.core.api.Assertions;
++import org.assertj.core.api.ListAssert;
++import org.testng.annotations.Test;
++
++/**
++ * Tests for {@code TokenCollector} in message parameter mode.
++ *
++ * @author Hardy Ferentschik
++ */
++public class TokenCollectorMessageParameterTest extends AbstractTokenCollectorTest {
++	@Override
++	protected InterpolationTermType getInterpolationTermType() {
++		return InterpolationTermType.PARAMETER;
++	}
++
++	// Several tests inherited from the abstract class
++
++	@Test
++	public void testMessageParameter() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "foo {bar}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "foo ", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{bar}", Token::getTokenValue )
++				.returns( true, Token::isParameter );
++	}
++
++	@Test
++	public void testMessageExpression() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "foo ${bar}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		/*
++		 * 6.3.1.1:
++		 * Parameter interpolation has precedence over message expressions.
++		 * For example for the message descriptor ${value},
++		 * trying to evaluate {value} as message parameter has precedence
++		 * over evaluating ${value} as message expression.
++		 */
++		assertion.element( 0 )
++				.returns( "foo $", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{bar}", Token::getTokenValue )
++				.returns( true, Token::isParameter );
++	}
++
++	@Test
++	public void testDollarThenDollarThenParameterInterpretedAsLiteralAndParameter() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$${1+1}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "$$", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{1+1}", Token::getTokenValue )
++				.returns( true, Token::isParameter );
++	}
++
++	@Test
++	public void testDollarThenDollarThenLiteralsInterpretedAsLiterals() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$$foo", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 1 );
++		assertion.element( 0 )
++				.returns( "$$foo", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++	}
++
++	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
++	public void testDollarThenClosingBraceThrowsException() {
++		// Fails because of the dangling closing brace; the dollar sign is irrelevant
++		new TokenCollector( "$}", getInterpolationTermType() );
++	}
++
++	@Test
++	public void testDollarThenEscapeInterpretedAsLiterals() {
++		ListAssert<Token> assertion = Assertions.assertThat(
++				new TokenCollector( "$\\A{1+1}", getInterpolationTermType() )
++						.getTokenList()
++		)
++				.hasSize( 2 );
++		assertion.element( 0 )
++				.returns( "$\\A", Token::getTokenValue )
++				.returns( false, Token::isParameter );
++		assertion.element( 1 )
++				.returns( "{1+1}", Token::getTokenValue )
++				.returns( true, Token::isParameter );
++	}
++}
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java
+deleted file mode 100644
+index ab9299f17..000000000
+--- a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenCollectorTest.java
++++ /dev/null
+@@ -1,64 +0,0 @@
+-/*
+- * Hibernate Validator, declare and validate application constraints
+- *
+- * License: Apache License, Version 2.0
+- * See the license.txt file in the root directory or <http://www.apache.org/licenses/LICENSE-2.0>.
+- */
+-package org.hibernate.validator.test.internal.engine.messageinterpolation;
+-
+-import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
+-import org.hibernate.validator.internal.engine.messageinterpolation.parser.MessageDescriptorFormatException;
+-import org.hibernate.validator.internal.engine.messageinterpolation.parser.Token;
+-import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenCollector;
+-
+-import org.assertj.core.api.Assertions;
+-import org.assertj.core.api.ListAssert;
+-import org.testng.annotations.Test;
+-
+-/**
+- * Tests for {@code TokenCollector}.
+- *
+- * @author Hardy Ferentschik
+- */
+-public class TokenCollectorTest {
+-
+-	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000169.*")
+-	public void testNestedParametersThrowException() throws Exception {
+-		new TokenCollector( "#{foo  {}", InterpolationTermType.PARAMETER );
+-	}
+-
+-	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
+-	public void testParameterWithoutOpeningBraceThrowsException() throws Exception {
+-		new TokenCollector( "foo}", InterpolationTermType.PARAMETER );
+-	}
+-
+-	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
+-	public void testELExpressionDollarThenClosingBraceThrowsException() throws Exception {
+-		new TokenCollector( "$}", InterpolationTermType.EL );
+-	}
+-
+-	@Test
+-	public void testELExpressionDollarThenEscapeInterpretedAsLiterals() {
+-		ListAssert<Token> assertion = Assertions.assertThat(
+-				new TokenCollector( "$\\A{1+1}", InterpolationTermType.EL )
+-						.getTokenList()
+-		)
+-				.hasSize( 2 );
+-		assertion.element( 0 )
+-				.returns( "$\\A", Token::getTokenValue )
+-				.returns( false, Token::isParameter );
+-		assertion.element( 1 )
+-				.returns( "{1+1}", Token::getTokenValue )
+-				.returns( false, Token::isParameter );
+-	}
+-
+-	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
+-	public void testTermWithoutClosingBraceThrowsException() throws Exception {
+-		new TokenCollector( "{foo", InterpolationTermType.PARAMETER );
+-	}
+-
+-	@Test(expectedExceptions = MessageDescriptorFormatException.class, expectedExceptionsMessageRegExp = "HV000168.*")
+-	public void testSingleClosingBraceThrowsException() throws Exception {
+-		new TokenCollector( "this message contains a invalid parameter start token {", InterpolationTermType.EL );
+-	}
+-}

CVE-2020-10693-4.patch

@@ -0,0 +1,84 @@
+From 93c027b954d4ccce1ad82b2f5e27e22357757fa8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= <yoann@hibernate.org>
+Date: Mon, 24 Feb 2020 17:23:37 +0100
+Subject: [PATCH] HV-1774 Test arbitrary code injection through
+ buildConstraintViolationWithTemplate()
+
+---
+ .../ConstraintValidatorContextTest.java       | 51 +++++++++++++++++++
+ 1 file changed, 51 insertions(+)
+
+diff --git a/engine/src/test/java/org/hibernate/validator/test/constraints/ConstraintValidatorContextTest.java b/engine/src/test/java/org/hibernate/validator/test/constraints/ConstraintValidatorContextTest.java
+index 6094195e3..a89a97016 100644
+--- a/engine/src/test/java/org/hibernate/validator/test/constraints/ConstraintValidatorContextTest.java
++++ b/engine/src/test/java/org/hibernate/validator/test/constraints/ConstraintValidatorContextTest.java
+@@ -194,6 +194,20 @@ public void testAddParameterNodeForFieldLevelConstraintCausesException() throws
+ 		}
+ 	}
+ 
++	@Test
++	public void testInjectionCausedByRecklessConcatenation() {
++		String maliciousPayload = "$\\A{1 + 1}";
++
++		// Simulate user entry, through a web form for example
++		MyObjectWithELInjectionRiskCausedByRecklessConcatenation object = new MyObjectWithELInjectionRiskCausedByRecklessConcatenation();
++		object.field1 = maliciousPayload;
++		Set<ConstraintViolation<MyObjectWithELInjectionRiskCausedByRecklessConcatenation>> constraintViolations = validator.validate( object );
++		assertThat( constraintViolations ).containsOnlyViolations(
++				violationOf( ValidationWithELInjectionRiskCausedByRecklessConcatenation.class )
++						.withMessage( "Value '" + maliciousPayload + "' is invalid" )
++		);
++	}
++
+ 	@MyClassLevelValidation
+ 	private static class MyObject {
+ 		@NotNull
+@@ -264,6 +278,13 @@ public String getName() {
+ 		}
+ 	}
+ 
++	@ValidationWithELInjectionRiskCausedByRecklessConcatenation
++	private static class MyObjectWithELInjectionRiskCausedByRecklessConcatenation {
++
++		String field1;
++
++	}
++
+ 	@Retention(RUNTIME)
+ 	@Constraint(validatedBy = MyClassLevelValidation.Validator.class)
+ 	public @interface MyClassLevelValidation {
+@@ -496,4 +517,34 @@ public boolean isValid(String value, ConstraintValidatorContext context) {
+		}
+
+	}
++
++	@Retention(RUNTIME)
++	@Constraint(validatedBy = ValidationWithELInjectionRiskCausedByRecklessConcatenation.Validator.class)
++	public @interface ValidationWithELInjectionRiskCausedByRecklessConcatenation {
++		String message() default "failed";
++
++		Class<?>[] groups() default { };
++
++		Class<? extends Payload>[] payload() default { };
++
++		class Validator
++				implements ConstraintValidator<ValidationWithELInjectionRiskCausedByRecklessConcatenation, MyObjectWithELInjectionRiskCausedByRecklessConcatenation> {
++
++			@Override
++			public boolean isValid(MyObjectWithELInjectionRiskCausedByRecklessConcatenation value, ConstraintValidatorContext context) {
++				context.disableDefaultConstraintViolation();
++
++				// This is bad practice: message parameters should be used instead.
++				// Regardless, it can happen and should work as well as possible.
++				context.buildConstraintViolationWithTemplate( "Value '" + escape( value.field1 ) + "' is invalid" )
++						.addConstraintViolation();
++
++				return false;
++			}
++
++			private String escape(String value) {
++				return value.replaceAll( "\\$+\\{", "{" );
++			}
++		}
++	}
+ }

CVE-2020-10693-pre.patch

@@ -0,0 +1,441 @@
+From 72049532fa289d0f5664e9b1a7fd19fd514e595f Mon Sep 17 00:00:00 2001
+From: Gunnar Morling <gunnar.morling@googlemail.com>
+Date: Wed, 31 Aug 2016 15:28:25 +0200
+Subject: [PATCH] HV-1091 Using iterative instead of recursive approach for
+ message parsing
+
+---
+ .../parser/BeginState.java                    | 12 +--
+ .../messageinterpolation/parser/ELState.java  | 10 ---
+ .../parser/EscapedState.java                  |  9 --
+ .../parser/InterpolationTermState.java        | 12 ---
+ .../parser/MessageState.java                  | 11 ---
+ .../parser/ParserState.java                   |  2 -
+ .../parser/TokenCollector.java                | 16 ++--
+ .../validator/bugs/TooBigMessageTest.java     | 90 +++++++++++++++++++
+ .../TokenIteratorTest.java                    |  8 +-
+ 9 files changed, 103 insertions(+), 67 deletions(-)
+ create mode 100644 engine/src/test/java/org/hibernate/validator/bugs/TooBigMessageTest.java
+
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java
+index 678f16e46..5aee73b9f 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/BeginState.java
+@@ -18,11 +18,7 @@
+ 
+ 	@Override
+ 	public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+-	}
+-
+-	@Override
+-	public void start(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+-		tokenCollector.next();
++		tokenCollector.terminateToken();
+ 	}
+ 
+ 	@Override
+@@ -30,7 +26,6 @@ public void handleNonMetaCharacter(char character, TokenCollector tokenCollector
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( character );
+ 		tokenCollector.transitionState( new MessageState() );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -43,7 +38,6 @@ public void handleBeginTerm(char character, TokenCollector tokenCollector) throw
+ 			tokenCollector.makeParameterToken();
+ 		}
+ 		tokenCollector.transitionState( new InterpolationTermState() );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -56,7 +50,6 @@ public void handleEscapeCharacter(char character, TokenCollector tokenCollector)
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( character );
+ 		tokenCollector.transitionState( new EscapedState( this ) );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -68,9 +61,6 @@ public void handleELDesignator(char character, TokenCollector tokenCollector)
+ 		else {
+ 			ParserState state = new ELState();
+ 			tokenCollector.transitionState( state );
+-			tokenCollector.next();
+ 		}
+ 	}
+ }
+-
+-
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
+index ce7df402f..569ea1e2e 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ELState.java
+@@ -15,11 +15,6 @@
+ public class ELState implements ParserState {
+ 	private static final Log log = LoggerFactory.make();
+ 
+-	@Override
+-	public void start(TokenCollector tokenCollector) {
+-		throw new IllegalStateException( "Parsing of message descriptor cannot start in this state" );
+-	}
+-
+ 	@Override
+ 	public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( TokenCollector.EL_DESIGNATOR );
+@@ -33,7 +28,6 @@ public void handleNonMetaCharacter(char character, TokenCollector tokenCollector
+ 		tokenCollector.appendToToken( character );
+ 		tokenCollector.terminateToken();
+ 		tokenCollector.transitionState( new BeginState() );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -44,7 +38,6 @@ public void handleBeginTerm(char character, TokenCollector tokenCollector) throw
+ 		tokenCollector.appendToToken( character );
+ 		tokenCollector.makeELToken();
+ 		tokenCollector.transitionState( new InterpolationTermState() );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -59,7 +52,6 @@ public void handleEndTerm(char character, TokenCollector tokenCollector) throws
+ 	public void handleEscapeCharacter(char character, TokenCollector tokenCollector)
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.transitionState( new EscapedState( this ) );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -68,5 +60,3 @@ public void handleELDesignator(char character, TokenCollector tokenCollector)
+ 		handleNonMetaCharacter( character, tokenCollector );
+ 	}
+ }
+-
+-
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/EscapedState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/EscapedState.java
+index 901acff4f..f44242dd1 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/EscapedState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/EscapedState.java
+@@ -16,11 +16,6 @@ public EscapedState(ParserState previousState) {
+ 		this.previousState = previousState;
+ 	}
+ 
+-	@Override
+-	public void start(TokenCollector tokenCollector) {
+-		throw new IllegalStateException( "Parsing of message descriptor cannot start in this state" );
+-	}
+-
+ 	@Override
+ 	public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+ 		tokenCollector.terminateToken();
+@@ -58,9 +53,5 @@ private void handleEscapedCharacter(char character, TokenCollector tokenCollecto
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( character );
+ 		tokenCollector.transitionState( previousState );
+-		tokenCollector.next();
+ 	}
+ }
+-
+-
+-
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java
+index f921113f9..11c974373 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/InterpolationTermState.java
+@@ -15,11 +15,6 @@
+ public class InterpolationTermState implements ParserState {
+ 	private static final Log log = LoggerFactory.make();
+ 
+-	@Override
+-	public void start(TokenCollector tokenCollector) {
+-		throw new IllegalStateException( "Parsing of message descriptor cannot start in this state" );
+-	}
+-
+ 	@Override
+ 	public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+ 		throw log.getNonTerminatedParameterException(
+@@ -32,7 +27,6 @@ public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFor
+ 	public void handleNonMetaCharacter(char character, TokenCollector tokenCollector)
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( character );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -46,7 +40,6 @@ public void handleEndTerm(char character, TokenCollector tokenCollector) throws
+ 		tokenCollector.terminateToken();
+ 		BeginState beginState = new BeginState();
+ 		tokenCollector.transitionState( beginState );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -55,16 +48,11 @@ public void handleEscapeCharacter(char character, TokenCollector tokenCollector)
+ 		tokenCollector.appendToToken( character );
+ 		ParserState state = new EscapedState( this );
+ 		tokenCollector.transitionState( state );
+-		tokenCollector.next();
+-
+ 	}
+ 
+ 	@Override
+ 	public void handleELDesignator(char character, TokenCollector tokenCollector)
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( character );
+-		tokenCollector.next();
+ 	}
+ }
+-
+-
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java
+index bac9c7e46..37cd23503 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/MessageState.java
+@@ -16,11 +16,6 @@
+ public class MessageState implements ParserState {
+ 	private static final Log log = LoggerFactory.make();
+ 
+-	@Override
+-	public void start(TokenCollector tokenCollector) {
+-		throw new IllegalStateException( "The parsing of the message descriptor cannot start in this state." );
+-	}
+-
+ 	@Override
+ 	public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException {
+ 		tokenCollector.terminateToken();
+@@ -30,7 +25,6 @@ public void terminate(TokenCollector tokenCollector) throws MessageDescriptorFor
+ 	public void handleNonMetaCharacter(char character, TokenCollector tokenCollector)
+ 			throws MessageDescriptorFormatException {
+ 		tokenCollector.appendToToken( character );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -42,7 +36,6 @@ public void handleBeginTerm(char character, TokenCollector tokenCollector) throw
+ 			tokenCollector.makeParameterToken();
+ 		}
+ 		tokenCollector.transitionState( new InterpolationTermState() );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -59,7 +52,6 @@ public void handleEscapeCharacter(char character, TokenCollector tokenCollector)
+ 		tokenCollector.appendToToken( character );
+ 
+ 		tokenCollector.transitionState( new EscapedState( this ) );
+-		tokenCollector.next();
+ 	}
+ 
+ 	@Override
+@@ -70,9 +62,6 @@ public void handleELDesignator(char character, TokenCollector tokenCollector)
+ 		}
+ 		else {
+ 			tokenCollector.transitionState( new ELState() );
+-			tokenCollector.next();
+ 		}
+ 	}
+ }
+-
+-
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ParserState.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ParserState.java
+index a48a48f2b..64317de46 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ParserState.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/ParserState.java
+@@ -13,7 +13,6 @@
+  * @author Hardy Ferentschik
+  */
+ public interface ParserState {
+-	void start(TokenCollector tokenCollector) throws MessageDescriptorFormatException;
+ 
+ 	void terminate(TokenCollector tokenCollector) throws MessageDescriptorFormatException;
+ 
+@@ -27,4 +26,3 @@
+ 
+ 	void handleELDesignator(char character, TokenCollector tokenCollector) throws MessageDescriptorFormatException;
+ }
+-
+diff --git a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/TokenCollector.java b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/TokenCollector.java
+index 1443eee7f..ffce7bb68 100644
+--- a/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/TokenCollector.java
++++ b/engine/src/main/java/org/hibernate/validator/internal/engine/messageinterpolation/parser/TokenCollector.java
+@@ -6,13 +6,13 @@
+  */
+ package org.hibernate.validator.internal.engine.messageinterpolation.parser;
+ 
++import static org.hibernate.validator.internal.util.CollectionHelper.newArrayList;
++
+ import java.util.Collections;
+ import java.util.List;
+ 
+ import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
+ 
+-import static org.hibernate.validator.internal.util.CollectionHelper.newArrayList;
+-
+ /**
+  * Used to creates a list of tokens from a message descriptor.
+  *
+@@ -28,7 +28,7 @@
+ 	private final String originalMessageDescriptor;
+ 	private final InterpolationTermType interpolationTermType;
+ 
+-	private List<Token> tokenList;
++	private final List<Token> tokenList;
+ 	private ParserState currentParserState;
+ 	private int currentPosition;
+ 	private Token currentToken;
+@@ -69,10 +69,11 @@ public void makeELToken() {
+ 		currentToken.makeELToken();
+ 	}
+ 
+-	public void next() throws MessageDescriptorFormatException {
++	private void next() throws MessageDescriptorFormatException {
+ 		if ( currentPosition == originalMessageDescriptor.length() ) {
+ 			// give the current context the chance to complete
+ 			currentParserState.terminate( this );
++			currentPosition++;
+ 			return;
+ 		}
+ 		char currentCharacter = originalMessageDescriptor.charAt( currentPosition );
+@@ -98,12 +99,12 @@ public void next() throws MessageDescriptorFormatException {
+ 				currentParserState.handleNonMetaCharacter( currentCharacter, this );
+ 			}
+ 		}
+-		// make sure the last token is terminated
+-		terminateToken();
+ 	}
+ 
+ 	public void parse() throws MessageDescriptorFormatException {
+-		currentParserState.start( this );
++		while ( currentPosition <= originalMessageDescriptor.length() ) {
++			next();
++		}
+ 	}
+ 
+ 	public void transitionState(ParserState newState) {
+@@ -122,4 +123,3 @@ public String getOriginalMessageDescriptor() {
+ 		return originalMessageDescriptor;
+ 	}
+ }
+-
+diff --git a/engine/src/test/java/org/hibernate/validator/bugs/TooBigMessageTest.java b/engine/src/test/java/org/hibernate/validator/bugs/TooBigMessageTest.java
+new file mode 100644
+index 000000000..4eb8ffc18
+--- /dev/null
++++ b/engine/src/test/java/org/hibernate/validator/bugs/TooBigMessageTest.java
+@@ -0,0 +1,90 @@
++/*
++ * Hibernate Validator, declare and validate application constraints
++ *
++ * License: Apache License, Version 2.0
++ * See the license.txt file in the root directory or <http://www.apache.org/licenses/LICENSE-2.0>.
++ */
++package org.hibernate.validator.bugs;
++
++import static org.hibernate.validator.testutil.ConstraintViolationAssert.assertCorrectConstraintViolationMessages;
++import static org.hibernate.validator.testutil.ConstraintViolationAssert.assertNumberOfViolations;
++
++import java.util.Set;
++
++import javax.validation.ConstraintViolation;
++import javax.validation.Validator;
++import javax.validation.constraints.NotNull;
++
++import org.hibernate.validator.testutil.TestForIssue;
++import org.hibernate.validator.testutils.ValidatorUtil;
++import org.junit.Test;
++
++/**
++ * Ensure large error messages can be interpolated.
++ *
++ * @author Gunnar Morling
++ */
++public class TooBigMessageTest {
++
++	/**
++	 * Large enough to trigger a stack overflow with the recursive scheme, assuming default settings
++	 */
++	private static final String LARGE_MESSAGE =
++			"12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
++			+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890";
++
++	@Test
++	@TestForIssue(jiraKey = "HV-1091")
++	public void largeMessageCanBeInterpolated() {
++		Validator validator = ValidatorUtil.getValidator();
++		GoldFish fish = new GoldFish();
++
++		Set<ConstraintViolation<GoldFish>> constraintViolations = validator.validate( fish );
++		assertNumberOfViolations( constraintViolations, 1 );
++		assertCorrectConstraintViolationMessages( constraintViolations, LARGE_MESSAGE );
++	}
++
++	private static class GoldFish {
++
++		@NotNull(message = LARGE_MESSAGE)
++		String name;
++	}
++}
+diff --git a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenIteratorTest.java b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenIteratorTest.java
+index a63e1996a..281f3bccf 100644
+--- a/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenIteratorTest.java
++++ b/engine/src/test/java/org/hibernate/validator/test/internal/engine/messageinterpolation/TokenIteratorTest.java
+@@ -6,15 +6,15 @@
+  */
+ package org.hibernate.validator.test.internal.engine.messageinterpolation;
+ 
++import static org.testng.Assert.assertEquals;
++import static org.testng.Assert.assertFalse;
++import static org.testng.Assert.assertTrue;
++
+ import org.hibernate.validator.internal.engine.messageinterpolation.InterpolationTermType;
+ import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenCollector;
+ import org.hibernate.validator.internal.engine.messageinterpolation.parser.TokenIterator;
+ import org.testng.annotations.Test;
+ 
+-import static org.testng.Assert.assertEquals;
+-import static org.testng.Assert.assertFalse;
+-import static org.testng.Assert.assertTrue;
+-
+ /**
+  * Tests for {@code TokenIterator}.
+  *

hibernate-validator-5.2.4.Final-jaxb.patch

@@ -0,0 +1,153 @@
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedExecutableBuilder.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedExecutableBuilder.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedExecutableBuilder.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedExecutableBuilder.java	2016-06-07 11:53:45.568875613 +0200
+@@ -107,10 +107,10 @@
+ 			ExecutableElement methodExecutableElement = ExecutableElement.forMethod( method );
+ 
+ 			// ignore annotations
+-			if ( methodType.getIgnoreAnnotations() != null ) {
++			if ( methodType.isIgnoreAnnotations() != null ) {
+ 				annotationProcessingOptions.ignoreConstraintAnnotationsOnMember(
+ 						method,
+-						methodType.getIgnoreAnnotations()
++						methodType.isIgnoreAnnotations()
+ 				);
+ 			}
+ 
+@@ -166,10 +166,10 @@
+ 			ExecutableElement constructorExecutableElement = ExecutableElement.forConstructor( constructor );
+ 
+ 			// ignore annotations
+-			if ( constructorType.getIgnoreAnnotations() != null ) {
++			if ( constructorType.isIgnoreAnnotations() != null ) {
+ 				annotationProcessingOptions.ignoreConstraintAnnotationsOnMember(
+ 						constructor,
+-						constructorType.getIgnoreAnnotations()
++						constructorType.isIgnoreAnnotations()
+ 				);
+ 			}
+ 
+@@ -251,10 +251,10 @@
+ 		}
+ 
+ 		// ignore annotations
+-		if ( crossParameterType.getIgnoreAnnotations() != null ) {
++		if ( crossParameterType.isIgnoreAnnotations() != null ) {
+ 			annotationProcessingOptions.ignoreConstraintAnnotationsForCrossParameterConstraint(
+ 					executableElement.getMember(),
+-					crossParameterType.getIgnoreAnnotations()
++					crossParameterType.isIgnoreAnnotations()
+ 			);
+ 		}
+ 
+@@ -289,10 +289,10 @@
+ 		);
+ 
+ 		// ignore annotations
+-		if ( returnValueType.getIgnoreAnnotations() != null ) {
++		if ( returnValueType.isIgnoreAnnotations() != null ) {
+ 			annotationProcessingOptions.ignoreConstraintAnnotationsForReturnValue(
+ 					executableElement.getMember(),
+-					returnValueType.getIgnoreAnnotations()
++					returnValueType.isIgnoreAnnotations()
+ 			);
+ 		}
+ 
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedFieldBuilder.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedFieldBuilder.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedFieldBuilder.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedFieldBuilder.java	2016-06-07 11:53:45.580874986 +0200
+@@ -84,10 +84,10 @@
+ 
+ 
+ 			// ignore annotations
+-			if ( fieldType.getIgnoreAnnotations() != null ) {
++			if ( fieldType.isIgnoreAnnotations() != null ) {
+ 				annotationProcessingOptions.ignoreConstraintAnnotationsOnMember(
+ 						field,
+-						fieldType.getIgnoreAnnotations()
++						fieldType.isIgnoreAnnotations()
+ 				);
+ 			}
+ 		}
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedGetterBuilder.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedGetterBuilder.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedGetterBuilder.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedGetterBuilder.java	2016-06-07 11:53:45.581874934 +0200
+@@ -88,10 +88,10 @@
+ 			constrainedExecutables.add( constrainedGetter );
+ 
+ 			// ignore annotations
+-			if ( getterType.getIgnoreAnnotations() != null ) {
++			if ( getterType.isIgnoreAnnotations() != null ) {
+ 				annotationProcessingOptions.ignoreConstraintAnnotationsOnMember(
+ 						getter,
+-						getterType.getIgnoreAnnotations()
++						getterType.isIgnoreAnnotations()
+ 				);
+ 			}
+ 		}
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedParameterBuilder.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedParameterBuilder.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedParameterBuilder.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedParameterBuilder.java	2016-06-07 11:53:45.582874882 +0200
+@@ -71,11 +71,11 @@
+ 			);
+ 
+ 			// ignore annotations
+-			if ( parameterType.getIgnoreAnnotations() != null ) {
++			if ( parameterType.isIgnoreAnnotations() != null ) {
+ 				annotationProcessingOptions.ignoreConstraintAnnotationsOnParameter(
+ 						executableElement.getMember(),
+ 						i,
+-						parameterType.getIgnoreAnnotations()
++						parameterType.isIgnoreAnnotations()
+ 				);
+ 			}
+ 
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedTypeBuilder.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedTypeBuilder.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedTypeBuilder.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ConstrainedTypeBuilder.java	2016-06-07 11:53:45.582874882 +0200
+@@ -67,10 +67,10 @@
+ 		}
+ 
+ 		// ignore annotation
+-		if ( classType.getIgnoreAnnotations() != null ) {
++		if ( classType.isIgnoreAnnotations() != null ) {
+ 			annotationProcessingOptions.ignoreClassLevelConstraintAnnotations(
+ 					beanClass,
+-					classType.getIgnoreAnnotations()
++					classType.isIgnoreAnnotations()
+ 			);
+ 		}
+ 
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ValidationXmlParser.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ValidationXmlParser.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/ValidationXmlParser.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/ValidationXmlParser.java	2016-06-07 11:53:45.583874830 +0200
+@@ -156,7 +156,7 @@
+ 		EnumSet<ExecutableType> defaultValidatedExecutableTypes = executableValidationType == null
+ 				? getValidatedExecutableTypes( null )
+ 				: getValidatedExecutableTypes( executableValidationType.getDefaultValidatedExecutableTypes() );
+-		boolean executableValidationEnabled = executableValidationType == null || executableValidationType.getEnabled();
++		boolean executableValidationEnabled = executableValidationType == null || executableValidationType.isEnabled();
+ 
+ 		return new BootstrapConfigurationImpl(
+ 				config.getDefaultProvider(),
+diff -Nru hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/XmlMappingParser.java hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/XmlMappingParser.java
+--- hibernate-validator-5.2.4.Final/engine/src/main/java/org/hibernate/validator/internal/xml/XmlMappingParser.java	2016-02-17 16:11:40.000000000 +0100
++++ hibernate-validator-5.2.4.Final.jaxb/engine/src/main/java/org/hibernate/validator/internal/xml/XmlMappingParser.java	2016-06-07 11:53:45.584874777 +0200
+@@ -208,7 +208,7 @@
+ 		// update annotation ignores
+ 		annotationProcessingOptions.ignoreAnnotationConstraintForClass(
+ 				beanClass,
+-				bean.getIgnoreAnnotations()
++				bean.isIgnoreAnnotations()
+ 		);
+ 
+ 		ConstrainedType constrainedType = constrainedTypeBuilder.buildConstrainedType(
+@@ -293,7 +293,7 @@
+ 		constraintHelper.putValidatorClasses(
+ 				annotationClass,
+ 				constraintValidatorClasses,
+-				Boolean.TRUE.equals( validatedByType.getIncludeExistingValidators() )
++				Boolean.TRUE.equals( validatedByType.isIncludeExistingValidators() )
+ 		);
+ 	}
+ 

hibernate-validator.spec

@@ -0,0 +1,160 @@
+%global namedreltag .Final
+%global namedversion %{version}%{?namedreltag}
+%global majorversion 5
+
+Name:                hibernate-validator
+Version:             5.2.4
+Release:             5
+Summary:             Bean Validation 1.1 (JSR 349) Reference Implementation
+License:             ASL 2.0
+URL:                 http://www.hibernate.org/subprojects/validator.html
+Source0:             https://github.com/hibernate/hibernate-validator/archive/%{namedversion}/hibernate-validator-%{namedversion}.tar.gz
+# JAXB2 and JDK7+ problems see https://hibernate.atlassian.net/browse/HV-528
+Patch0:              %{name}-5.2.4.Final-jaxb.patch
+Patch1:              CVE-2017-7536.patch
+Patch2:              CVE-2020-10693-pre.patch
+Patch3:              CVE-2020-10693-1.patch
+Patch4:              CVE-2020-10693-2.patch
+Patch5:              CVE-2020-10693-3.patch
+Patch6:              CVE-2020-10693-4.patch
+Patch7:		     CVE-2019-10219.patch
+
+BuildRequires:       maven-local mvn(com.fasterxml:classmate) mvn(com.sun.xml.bind:jaxb-impl)
+BuildRequires:       mvn(com.thoughtworks.paranamer:paranamer)
+BuildRequires:       mvn(javax.annotation:javax.annotation-api) = 1.2 mvn(javax.el:javax.el-api)
+BuildRequires:       mvn(javax.enterprise:cdi-api) mvn(javax.validation:validation-api)
+BuildRequires:       mvn(javax.xml.bind:jaxb-api) mvn(joda-time:joda-time) mvn(junit:junit)
+BuildRequires:       mvn(log4j:log4j:1.2.17) mvn(org.apache.felix:maven-bundle-plugin)
+BuildRequires:       mvn(org.apache.maven.plugins:maven-enforcer-plugin)
+BuildRequires:       mvn(org.codehaus.mojo:jaxb2-maven-plugin) mvn(org.glassfish.web:javax.el)
+BuildRequires:       mvn(org.hibernate.javax.persistence:hibernate-jpa-2.1-api)
+BuildRequires:       mvn(org.jboss.arquillian:arquillian-bom:pom:)
+BuildRequires:       mvn(org.jboss.maven.plugins:maven-injection-plugin)
+BuildRequires:       mvn(org.jboss.spec.javax.interceptor:jboss-interceptors-api_1.2_spec)
+BuildRequires:       mvn(org.jboss.logging:jboss-logging) >= 3.1.1
+BuildRequires:       mvn(org.jboss.logging:jboss-logging-processor:1)
+BuildRequires:       mvn(org.jboss.maven.plugins:maven-injection-plugin)
+BuildRequires:       mvn(org.jboss.shrinkwrap:shrinkwrap-bom:pom:)
+BuildRequires:       mvn(org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-bom:pom:)
+BuildRequires:       mvn(org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom:pom:)
+BuildRequires:       mvn(org.jsoup:jsoup) mvn(org.testng:testng)
+BuildArch:           noarch
+
+%description
+This is the reference implementation of JSR-349 - Bean Validation 1.1.
+Bean Validation defines a meta-data model and API for JavaBean as well
+as method validation. The default meta-data source are annotations,
+with the ability to override and extend the meta-data through the
+use of XML validation descriptors.
+
+%package annotation-processor
+Summary:             Hibernate Validator Annotation Processor
+%description annotation-processor
+Hibernate Validator Annotation Processor.
+
+%package cdi
+Summary:             Hibernate Validator Portable Extension
+%description cdi
+Hibernate Validator CDI Portable Extension.
+
+%package parent
+Summary:             Hibernate Validator Parent POM
+%description parent
+Aggregator of the Hibernate Validator modules.
+
+%package performance
+Summary:             Hibernate Validator Performance Tests
+%description performance
+Hibernate Validator performance tests.
+
+%package test-utils
+Summary:             Hibernate Validator Test Utils
+%description test-utils
+Hibernate Validator Test Utils.
+
+%package javadoc
+Summary:             Javadoc for %{name}
+%description javadoc
+This package contains javadoc for %{name}.
+
+%prep
+%setup -q -n %{name}-%{namedversion}
+find . -name "*.jar" -delete
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%pom_disable_module distribution
+%pom_disable_module documentation
+%pom_disable_module engine-jdk8-tests
+%pom_disable_module integration
+%pom_disable_module osgi
+%pom_disable_module tck-runner
+%pom_remove_dep :fest-assert test-utils
+rm -r test-utils/src/main/java/org/hibernate/validator/testutil/ConstraintViolationAssert.java \
+ test-utils/src/main/java/org/hibernate/validator/testutil/DescriptorAssert.java \
+ test-utils/src/main/java/org/hibernate/validator/testutil/MessageLoggedAssertionLogger.java
+%pom_remove_plugin :maven-jdocbook-plugin
+%pom_remove_plugin org.zanata:zanata-maven-plugin
+%pom_remove_plugin -r org.codehaus.gmaven:gmaven-plugin
+%pom_remove_plugin -r org.codehaus.mojo:clirr-maven-plugin
+%pom_remove_plugin -r org.codehaus.mojo:chronos-jmeter-maven-plugin
+%pom_remove_plugin org.codehaus.mojo:chronos-report-maven-plugin performance
+%pom_xpath_remove "pom:build/pom:extensions"
+%pom_remove_plugin -r :maven-dependency-plugin
+%pom_remove_plugin -r :maven-surefire-report-plugin
+%pom_remove_plugin -r :animal-sniffer-maven-plugin
+%pom_xpath_inject "pom:build/pom:pluginManagement/pom:plugins/pom:plugin[pom:artifactId='maven-javadoc-plugin']/pom:configuration" " <excludePackageNames>*.internal.*</excludePackageNames>"
+%pom_xpath_set "pom:maven.javadoc.skip" false
+%pom_xpath_inject "pom:plugin[pom:artifactId='maven-compiler-plugin']/pom:configuration" \
+ "<useIncrementalCompilation>false</useIncrementalCompilation>"
+%pom_xpath_set "pom:properties/pom:jboss.logging.processor.version" 1
+%pom_change_dep :jboss-logging-processor ::'${jboss.logging.processor.version}' engine
+rm engine/src/main/java/org/hibernate/validator/internal/engine/valuehandling/JavaFXPropertyValueUnwrapper.java
+
+%build
+%mvn_build -f -s -- -Pdist
+
+%install
+%mvn_install
+
+%files -f .mfiles-%{name}
+%doc CONTRIBUTING.md README.md changelog.txt
+%license copyright.txt license.txt
+
+%files annotation-processor -f .mfiles-%{name}-annotation-processor
+%license copyright.txt license.txt
+
+%files cdi -f .mfiles-%{name}-cdi
+
+%files parent -f .mfiles-%{name}-parent
+%license copyright.txt license.txt
+
+%files performance -f .mfiles-%{name}-performance
+%license copyright.txt license.txt
+
+%files test-utils -f .mfiles-%{name}-test-utils
+%license copyright.txt license.txt
+
+%files javadoc -f .mfiles-javadoc
+%license copyright.txt license.txt
+
+%changelog
+* Mon Nov 29 2021 lingsheng <lingsheng@huawei.com> - 5.2.4-5
+- Limit javax.annotation-api version to 1.2
+
+* Mon Aug 23 2021 houyingchao <houyingchao@huawei.com> - 5.2.4-4
+- Fix CVE-2019-10219
+
+* Mon Mar 15 2021 wangxiao <wangxiao65@huawei.com> - 5.2.4-3
+- Fix CVE-2020-10693
+
+* Sat Sep 19 2020 maminjie <maminjie1@huawei.com> - 5.2.4-2
+- fix CVE-2017-7536
+
+* Wed Aug 12 2020 maminjie <maminjie1@huawei.com> - 5.2.4-1
+- package init

hibernate-validator.yaml

@@ -0,0 +1,4 @@
+version_control: github
+src_repo: hibernate/hibernate-validator
+tag_prefix: ^
+seperator: "."