Oleksandr Gavenko ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=60780ab... ) *created* an issue Hibernate ORM ( https://hibernate.atlassian.net/browse/HHH?atlOrigin=eyJpIjoiNjdhZGQ3NzYz... ) / Bug ( https://hibernate.atlassian.net/browse/HHH-16958?atlOrigin=eyJpIjoiNjdhZG... ) HHH-16958 ( https://hibernate.atlassian.net/browse/HHH-16958?atlOrigin=eyJpIjoiNjdhZG... ) UnknownFormatConversionException: Conversion = ''' ( https://hibernate.atlassian.net/browse/HHH-16958?atlOrigin=eyJpIjoiNjdhZG... ) Issue Type: Bug Affects Versions: 6.2.2 Assignee: Unassigned Components: query-hql Created: 20/Jul/2023 05:49 AM Priority: Major Reporter: Oleksandr Gavenko ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=60780ab... ) Our JPQL query has concat('%', ?1) and Hibernate on the attempt of logging the query details fails on String.format : Caused by: java.util.UnknownFormatConversionException: Conversion = ''' at java.base/java.util.Formatter.format(Formatter.java:2671) at java.base/java.util.Formatter.format(Formatter.java:2625) at java.base/java.lang.String.format(String.java:4143) at org.jboss.logging.Slf4jLocationAwareLogger.doLogf(Slf4jLocationAwareLogger.java:81) at org.jboss.logging.Logger.logf(Logger.java:2445) at org.jboss.logging.DelegatingBasicLogger.debugf(DelegatingBasicLogger.java:344) at org.hibernate.query.hql.internal.StandardHqlTranslator.translate(StandardHqlTranslator.java:75) at org.hibernate.internal.AbstractSharedSessionContract.lambda$interpretHql$2(AbstractSharedSessionContract.java:744) at org.hibernate.query.internal.QueryInterpretationCacheStandardImpl.createHqlInterpretation(QueryInterpretationCacheStandardImpl.java:141) at org.hibernate.query.internal.QueryInterpretationCacheStandardImpl.resolveHqlInterpretation(QueryInterpretationCacheStandardImpl.java:128) at org.hibernate.internal.AbstractSharedSessionContract.interpretHql(AbstractSharedSessionContract.java:741) at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:786) at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:704) at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:120) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568) at org.springframework.orm.jpa.ExtendedEntityManagerCreator$ExtendedEntityManagerInvocationHandler.invoke(ExtendedEntityManagerCreator.java:360) at jdk.proxy2/jdk.proxy2.$Proxy162.createQuery(Unknown Source) at org.springframework.data.jpa.repository.query.SimpleJpaQuery.validateQuery(SimpleJpaQuery.java:94) *User input should never be used as format expression, only as format argument* - to avoid interpretation of some sequences as magical. The culprit is here: public <R> SqmStatement<R> translate(String query, Class<R> expectedResultType) { HqlLogging.QUERY_LOGGER.debugf( "HQL : " + query ); ( https://hibernate.atlassian.net/browse/HHH-16958#add-comment?atlOrigin=ey... ) Add Comment ( https://hibernate.atlassian.net/browse/HHH-16958#add-comment?atlOrigin=ey... ) Get Jira notifications on your phone! Download the Jira Cloud app for Android ( https://play.google.com/store/apps/details?id=com.atlassian.android.jira.... ) or iOS ( https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=Em... ) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100232- sha1:1e691fe )