packages/hibernate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!6 fix CVE-2019-14900

Browse Source 
From: @wang_yue111
Reviewed-by: @wangchong1995924
Signed-off-by: @wangchong1995924
This commit is contained in:
openeuler-ci-bot 2021-03-22 09:44:28 +08:00 committed by Gitee
commit 2a1fc51336
2 changed files with 53 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
CVE-2019-14900.patch Normal file
View File

@ -0,0 +1,48 @@
From 64a0cec764bfdd93c5e3d57e9fc342bcc9824ea3 Mon Sep 17 00:00:00 2001
From: wang_yue111 <648774160@qq.com>
Date: Fri, 19 Mar 2021 11:45:31 +0800
Subject: [PATCH] fix CVE-2019-14900
---
.../expression/LiteralExpression.java | 20 +++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/criteria/expression/LiteralExpression.java b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/criteria/expression/LiteralExpression.java
index ac485b4..6125363 100644
--- a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/criteria/expression/LiteralExpression.java
+++ b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/criteria/expression/LiteralExpression.java
@@ -58,17 +58,25 @@ public class LiteralExpression<T> extends ExpressionImpl<T> implements Serializa
return ':' + parameterName;
}
+ private String escapeLiteral(String literal) {
+ return literal.replace("'", "''");
+ }
+
+ private String inlineLiteral(String literal) {
+ return String.format( "\'%s\'", escapeLiteral( literal) );
+ }
+
@SuppressWarnings({ "unchecked" })
public String renderProjection(RenderingContext renderingContext) {
+ if ( ValueHandlerFactory.isCharacter( literal ) ) {
+ // In case literal is a Character, pass literal.toString() as the argument.
+ return inlineLiteral( literal.toString() );
+ }
+
// some drivers/servers do not like parameters in the select clause
final ValueHandlerFactory.ValueHandler handler =
ValueHandlerFactory.determineAppropriateHandler( literal.getClass() );
- if ( ValueHandlerFactory.isCharacter( literal ) ) {
- return '\'' + handler.render( literal ) + '\'';
- }
- else {
- return handler.render( literal );
- }
+ return handler.render( literal );
}
@Override
--
2.23.0

7
hibernate.spec
View File

@ -5,7 +5,7 @@
Name: hibernate Name: hibernate
Summary: an easy-to-use and powerful object relational persistence framework for Java applications Summary: an easy-to-use and powerful object relational persistence framework for Java applications
Version: 5.0.10 Version: 5.0.10
Release: 7 Release: 8
License: LGPLv2+ and ASL 2.0 License: LGPLv2+ and ASL 2.0
URL: http://www.hibernate.org/ URL: http://www.hibernate.org/
@ -34,7 +34,7 @@ Source67: Bundle-Description-Name.txt
Source68: manifestFile.txt Source68: manifestFile.txt
Patch0000: CVE-2020-25638.patch Patch0000: CVE-2020-25638.patch
Patch0001: CVE-2019-14900.patch
BuildRequires: maven-local mvn(antlr:antlr) mvn(com.experlog:xapool) mvn(com.fasterxml:classmate) BuildRequires: maven-local mvn(antlr:antlr) mvn(com.experlog:xapool) mvn(com.fasterxml:classmate)
BuildRequires: mvn(com.mchange:c3p0) mvn(com.zaxxer:HikariCP) mvn(dom4j:dom4j) mvn(java_cup:java_cup) BuildRequires: mvn(com.mchange:c3p0) mvn(com.zaxxer:HikariCP) mvn(dom4j:dom4j) mvn(java_cup:java_cup)
BuildRequires: mvn(javax.enterprise:cdi-api) mvn(javax.validation:validation-api) mvn(junit:junit) BuildRequires: mvn(javax.enterprise:cdi-api) mvn(javax.validation:validation-api) mvn(junit:junit)
@ -164,6 +164,9 @@ done
%doc hibernate-osgi/README.md %doc hibernate-osgi/README.md
%changelog %changelog
* Thu Mar 18 2021 wangyue<wangyue92@huawei.com> 5.0.10-8
- fix CVE-2019-14900
* Sat Dec 12 2020 zhangtao<zhangtao221@huawei.com> - 5.0.10-7 * Sat Dec 12 2020 zhangtao<zhangtao221@huawei.com> - 5.0.10-7
- CVE-2020-25638 - CVE-2020-25638