[Hibernate-JIRA] Created: (HHH-3263) Postgres dialect quoting defect
by Stephan Fuhrmann (JIRA)
Postgres dialect quoting defect
-------------------------------
Key: HHH-3263
URL: http://opensource.atlassian.com/projects/hibernate/browse/HHH-3263
Project: Hibernate3
Issue Type: Bug
Affects Versions: 3.2.6
Environment: hibernate-3.2.6.ga, postgres 7.4.19, jdbc-driver postgresql-8.3-603.jdbc4.jar
Reporter: Stephan Fuhrmann
Priority: Critical
Attachments: hibernate.cfg.xml
Special characters do not seem to be quoted / escaped. This makes the database parser throw an exception if it encounters such a unescaped String:
org.hibernate.exception.DataException: could not insert collection: [org.fstool.io.fs.UserInfoAttributes.attributes#205]
at org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:77)
at org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:43)
at org.hibernate.persister.collection.AbstractCollectionPersister.recreate(AbstractCollectionPersister.java:1183)
at org.hibernate.action.CollectionRecreateAction.execute(CollectionRecreateAction.java:39)
at org.hibernate.engine.ActionQueue.execute(ActionQueue.java:279)
at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:263)
at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:171)
at org.hibernate.event.def.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:298)
at org.hibernate.event.def.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:27)
at org.hibernate.impl.SessionImpl.flush(SessionImpl.java:1000)
at sun.reflect.GeneratedMethodAccessor35.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:301)
at $Proxy0.flush(Unknown Source)
...
Caused by: java.sql.BatchUpdateException: Batch-Eintrag 6 insert into attributes (id, property_name, property_value) values (205, 9, (¯`'<95>.?<95> a <95>?. <95>'?¯)) wurde abgebrochen. Rufen Sie 'getNextException' auf, um die Ursache zu erfahren.
at org.postgresql.jdbc2.AbstractJdbc2Statement$BatchResultHandler.handleError(AbstractJdbc2Statement.java:2537)
at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1328)
at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:351)
at org.postgresql.jdbc2.AbstractJdbc2Statement.executeBatch(AbstractJdbc2Statement.java:2674)
at org.hibernate.jdbc.BatchingBatcher.doExecuteBatch(BatchingBatcher.java:48)
at org.hibernate.jdbc.BatchingBatcher.addToBatch(BatchingBatcher.java:34)
at org.hibernate.persister.collection.AbstractCollectionPersister.recreate(AbstractCollectionPersister.java:1146)
... 22 more
The offending character seems to be ISO 8859-1 0xb4 (ACUTE ACCENT).
The map file excerpt for this:
...
<map name="attributes">
<key column="id"/>
<index-many-to-many column="property_name" class="org.fstool.io.fs.AttributeKey"/>
<element column="property_value" type="string"/> <!-- this hurts -->
</map>
...
The application doesn't need to care about escaping because Hibernate does the job of O/R-mapping.
The problem does NOT exist for the DerbyDialect - this works fine!
Note: If characters get passed to the DB unescaped this is a security risk opening a hole for SQL injection! Therefore I marked this problem critical.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://opensource.atlassian.com/projects/hibernate/secure/Administrators....
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
16 years
[Hibernate-JIRA] Created: (HHH-3284) TimeZoneType takes too much space in 2nd level cache
by Yossi Tamari (JIRA)
TimeZoneType takes too much space in 2nd level cache
----------------------------------------------------
Key: HHH-3284
URL: http://opensource.atlassian.com/projects/hibernate/browse/HHH-3284
Project: Hibernate3
Issue Type: Bug
Components: caching (L2)
Affects Versions: 3.2.6
Reporter: Yossi Tamari
Priority: Minor
TimeZoneType does not override the assemble/disassemble methods, and as a result the whole sun.util.calendar.ZoneInfo object is stored in the second level cache, and if using a distributed copying cache, the whole structure is serialized and sent across the network. This is very inefficient since the ZoneInfo contains a number of arrays, and for some timezones (like europe/london) some of the arrays (specifically transitions, an array of long) have over a hundred elements.
Considering that the objects are stored in the DB as string IDs, simply overiding disassemble to return this string, and overinding assemble to return TimeZone.getTimeZone(value) would achieve huge memory (and potentialy network) savings, at the cost of object creation.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://opensource.atlassian.com/projects/hibernate/secure/Administrators....
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
16 years
[Hibernate-JIRA] Updated: (HHH-1697) OracleDialect fails to recognize sequence accessible through syonyms when validating schema
by Diego Plentz (JIRA)
[ http://opensource.atlassian.com/projects/hibernate/browse/HHH-1697?page=c... ]
Diego Plentz updated HHH-1697:
------------------------------
Assignee: Diego Plentz
Affects Version/s: 3.3.0.CR1
Component/s: core
> OracleDialect fails to recognize sequence accessible through syonyms when validating schema
> -------------------------------------------------------------------------------------------
>
> Key: HHH-1697
> URL: http://opensource.atlassian.com/projects/hibernate/browse/HHH-1697
> Project: Hibernate3
> Issue Type: Bug
> Components: core
> Affects Versions: 3.3.0.CR1
> Environment: Hibernate 3.1.2, Hibernate 3.1.3 Oracle 10g
> Reporter: Bjørn Bjerkeli
> Assignee: Diego Plentz
> Priority: Minor
> Attachments: Oracle9Dialect.java
>
>
> The Dialect implementations in OracleDialect and Oracle9Dialect fails to recognize sequences upon validation when they are accesssed through synonyms
> because the user_sequences table will not create when the sequence is acced through a synonym. This is needed when using hibernate.hbm2ddl.auto=validate
> which is a very useful feature.
> Thus sequences returned by:
> public String getQuerySequencesString() {
> return "select sequence_name from user_sequences";
> }
> will mot identify sequences accessible using a synonym.
> By using this implementation:
> public String getQuerySequencesString() {
> return "select sequence_name from user_sequences " +
> "union " +
> "select synonym_name from user_synonyms us " +
> "where exists (select 1 from all_objects ao where object_type='SEQUENCE' and " +
> "us.table_name = ao.object_name)";
> }
> orale will also return sequences acccessible though synonyms.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://opensource.atlassian.com/projects/hibernate/secure/Administrators....
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
16 years
[Hibernate-JIRA] Commented: (HHH-1697) OracleDialect fails to recognize sequence accessible through syonyms when validating schema
by Diego Plentz (JIRA)
[ http://opensource.atlassian.com/projects/hibernate/browse/HHH-1697?page=c... ]
Diego Plentz commented on HHH-1697:
-----------------------------------
The first improvement that we will do is change from user_sequences view to all_sequences view since "ALL_SEQUENCES describes all sequences accessible to the user.".
> OracleDialect fails to recognize sequence accessible through syonyms when validating schema
> -------------------------------------------------------------------------------------------
>
> Key: HHH-1697
> URL: http://opensource.atlassian.com/projects/hibernate/browse/HHH-1697
> Project: Hibernate3
> Issue Type: Bug
> Environment: Hibernate 3.1.2, Hibernate 3.1.3 Oracle 10g
> Reporter: Bjørn Bjerkeli
> Priority: Minor
> Attachments: Oracle9Dialect.java
>
>
> The Dialect implementations in OracleDialect and Oracle9Dialect fails to recognize sequences upon validation when they are accesssed through synonyms
> because the user_sequences table will not create when the sequence is acced through a synonym. This is needed when using hibernate.hbm2ddl.auto=validate
> which is a very useful feature.
> Thus sequences returned by:
> public String getQuerySequencesString() {
> return "select sequence_name from user_sequences";
> }
> will mot identify sequences accessible using a synonym.
> By using this implementation:
> public String getQuerySequencesString() {
> return "select sequence_name from user_sequences " +
> "union " +
> "select synonym_name from user_synonyms us " +
> "where exists (select 1 from all_objects ao where object_type='SEQUENCE' and " +
> "us.table_name = ao.object_name)";
> }
> orale will also return sequences acccessible though synonyms.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://opensource.atlassian.com/projects/hibernate/secure/Administrators....
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
16 years